The email came through at 3:27 am. Nagios was sending an alert that the database on our main catalog-server had been fed a malicious SQL command. Were we being hacked? Was it an avid library patron doing research at three o'clock in the morning? My wife and I were leaving a Randall Bramblett concert in Athens, Georgia, and I had not brought my work computer with me. I had a command line on my phone as my wife drove the Mercedes S430 Sedan through the dark toward home. When I shelled into the server, I could see that there was a stuck SQL statement that was putting 16KB files into the database cache. I called the Firewall Team to find out if we were under active attack. The FW Team responded that there was no active attack under way. I called the Development Team Leader to let them know that the database might need to be restored to an earlier version, if it had been compromised by a malicious attack. Then I went back to purging the stuck SQL statement for the next 45 minutes, as we rushed into Atlanta, headed for the office.
I have been hacking systems and protecting my clients since 2000. My writing about hacking and penetration testing comes from a hands-on career as a college professor, a Linux engineer, and a security engineer.