| Ever wondered how well protected your firm’s important databases are? If you wonder if there might be some vulnerabilities that could be exploited by a malicious user, this tool is for you. |
PROBLEM
Sometimes one wants to know if one’s database works properly without exposing data to unneccesary risks.
QUESTION
So how might one do an audit or check-up regarding how vulnerable a database might be. this is a more comprehensive tool for engineers allowing them to do a thorough checkup on the firm’s databases.
SOLUTION
Scuba is a free database scanning tool that performs its work by looking into the database configuration for evidence of a vulnerability. In turn, it allows the project manager or the security engineer to identify possible weak spots that could be exploited by a malicious user.Scuba helps the engineer to detect
- program flaws,
- unsafe processes,
- weak passwords, and
- a few more things
In turn, all these vulnerabilities identified by Scuba can than be analyzed and a decision can be made to either remove the vulnerability or else live with the risk.
FACT SHEET ABOUT SCUBA V1.3
| costs | freeware |
| software | Scuba V1.3 |
| release date | 2007-03-15 |
| platforms | Windows 98/NT/2000/XP |
| author | Amichai Shulman and many others at Imperva |
| language(s) | English |
| size of program | 5.84 MB download (zipped file) |
| download from | Scuba V1.3 zip file |
| more information | FAQ Scuba User’s Guide V1.3 and additional insights |
EVALUATION SHEET FOR PURGOS V2.6
| Pros | This tool can be used with several different databases to checkOracle (version 8i – 10gR2), Sybase (version 11.x – 15.x), MS SQL (version 6 – 2005), DB2 (version 8.x and DRDA compatible)The program offers a graphical interface and navigate reports will support a firm’s efforts to improve its risk management regarding vulnerability exploits that could harm confidentiality, integrity and availablility of database and data stored. |
| Cons | not really any we are aware of today |
WATCH OUTAs you probably guessed, this tool is not for non-techies….Nifty tool indeed.
Get more tools from CyTRAP Labs’ choice list here:
- CyTRAP Labs’ choice – free tools for security buffs and administrators