Is someone hacking into our database?

I created user-level security on our database over 2 years ago. I removed Admin user from ADMINS group, and removed all permissions from Admin user and Users group. A month ago, the Admin user mysteriously got back into the ADMINS group. I took it out, of course, as soon as I saw it there.

There are only 2 persons in this agency with permissions to change security levels. I know I didn't change the Admin user back to ADMINS group -- and the other person maintains she did not either. I thought maybe someone hacked in and got one of our passwords to do this. So, she suggested we change our passwords. Mine is now over 15 characters long.

Today, I found where someone deleted some important client related records, and the only ones with permissions to do that are myself and this other person. I know I did not do this, and the other person says she didn't do it, either.

So, my question: can someone hack in and get one of our passwords and use it to change security levels and delete data? In laymen's terms (so I can tell my boss), how does someone hack in (from inside or outside agency)? We have firewalls on our network (I think -- this is what the other person works on....network, firewalls, computers, phones, etc. -- I do strictly database design). If so, is there anything we can do to stop it from happening?

Thanks so much, in advance, for your help.

It is quite possible that someone has downloaded a tool to get the
usernames/passwords from your mdw file. However it is also possible that your database hasn't been secured properly, and someone is changing things using their standard system.mdw workgroup.

--
Joan Wild
Microsoft Access MVP

The database is secured in that if you are connected to the default
system.mdw file, you don't even get the login box, but instead get a message that you don't have permission to access the database.

I'm still thinking about your reply. I guess I'm not completely sure what
you mean by someone changing things from their standard system.mdw workgroup. I changed to that workgroup, then opened the secured workgroup file, and could view things, but wasn't able to change anything. In fact, when I opened the secured workgroup file from the secured workgroup, I still wasn't able to change anything by directly opening that file. The only way I was able to make changes in the secured workgroup file was to login to the database via the secure workgroup, and make changes via Tools, Security, User and Group Permissions....but only when I logged in as the SuperUser (with all permissions). Does this make sense?

I just know that something bad is happening with the database here, and is full of sensitive client information, and I am the one responsible for it, and need to nail down what is happening so I can stop it fast. Please help.....

"eagle" <ea***@discussions.microsoft.com> wrote in message news:C0AB8655-862E-48C8-B6E2-374B767167FB@microsoft.com...
> the database here, and is full of sensitive client
> information,

I'm afraid the only sure way to store this kind of data securely is in a system such as Oracle. If someone's hacking in then there's nothing you can do. It's not worth the risk because you could probably end up in hot water if you're shown to be responsible for leaking sensitive data.

Keith.
www.keithwilby.com

--
Joan Wild
Microsoft Access MVP

eagle wrote:
> I'm still thinking about your reply. I guess I'm not completely sure
> what you mean by someone changing things from their standard
> system.mdw workgroup. I changed to that workgroup, then opened the
> secured workgroup file, and could view things, but wasn't able to
> change anything.

OK, but are able to add users. You are logged in (silently) as Admin, which is a member of the Admins Group in system.mdw. Therefore you are able to add users in that workgroup. However, you are only adding users in that workgroup. You aren't able to add this new user to any of your secure groups, because they don't exist in the system.mdw. Groups/Users/passwords are stored in the mdw. Permissions are stored in the mdb.

> The only way I was able to make changes
> in the secured workgroup file was to login to the database via the
> secure workgroup, and make changes via Tools, Security, User and
> Group Permissions....but only when I logged in as the SuperUser (with
> all permissions). Does this make sense?

Yes it does. So what you are saying is that someone is creating a new user in your secure mdw. Only members of the Admins Group (or someone with administer permission) can do this.

> I just know that something
> bad is happening with the database here, and is full of sensitive
> client information, and I am the one responsible for it, and need to
> nail down what is happening so I can stop it fast. Please help.....

If you are dealing with such sensitive information, the data shouldn't be in a Jet database. Access security can be broken (just do a search at Google). You should put the data in a more secure database, such as SQL Server. You can still use Access as the frontend to this data.

--
Joan Wild
Microsoft Access MVP

Thank you all so much for your help -- it has been invaluable. I have one
more question, though. When I talked to the other person who is technically over the databases, she said she talked to a consultant the agency hired to look at our data systems, and the consultant said that you never, never want to use Access databases to store large amounts of data like ours (our backend is only about 90-100 mb in size) because the database goes screwy and begins deleting its own data. I responded that I was very surprised at this because my understanding was that Access could hold a lot more data than we have. I also said that I heard that the real issue with using Access is that you never want to use it to store sensitive client data, but have never heard that it eats its own data if it gets too big. But -- I just wanted to check this out with you. Does Access go haywire if it gets too big, causing loss of data?

Our agency is currently working with a consultant (the one who made the statement about Access eating its young) to look over our systems, servers, etc. and recommend and build (she's also a programmer, I guess) a system that is "right" for us. I have reported to my supervisors the security issues of using our access database for our sensitive client records, and that I'm concerned for how to keep it secure while this consultant is building a different system, but that I know of no way to keep it secure (due to the possibility of password hacking) -- but (one more question) do you know of a way to keep it secure while waiting on a new system?

Thanks so much for your help. :-)

eagle wrote:
> Thank you all so much for your help -- it has been invaluable. I
> have one more question, though. When I talked to the other person
> who is technically over the databases, she said she talked to a
> consultant the agency hired to look at our data systems, and the
> consultant said that you never, never want to use Access databases to
> store large amounts of data like ours (our backend is only about
> 90-100 mb in size) because the database goes screwy and begins
> deleting its own data.

Bull.

> But -- I just wanted to check this out with you. Does
> Access go haywire if it gets too big, causing loss of data?

Not that I've ever heard of. 90-100 Mb isn't all that large.

> Our agency is currently working with a consultant (the one who made
> the statement about Access eating its young) to look over our
> systems, servers, etc. and recommend and build (she's also a
> programmer, I guess) a system that is "right" for us. I have
> reported to my supervisors the security issues of using our access
> database for our sensitive client records, and that I'm concerned for
> how to keep it secure while this consultant is building a different
> system, but that I know of no way to keep it secure (due to the
> possibility of password hacking) -- but (one more question) do you
> know of a way to keep it secure while waiting on a new system?

Don't give her access to any machine with the real data on it. You should be able to provide the existing mdb with sample data in it for her to use.

--
Joan Wild
Microsoft Access MVP
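
An added example, not part of the thread and not code from any of the posters: a DAO routine to run inside the secured mdb that reports the things discussed above, namely which workgroup file the session is using, who is in the Admins group, and whether the default Admin user or the Users group still owns or has permissions on any object. The names `AuditUserLevelSecurity` and `Flag` are made up for this example, and skipping `MSys*` tables is a choice made here to keep the report short.

```vba
Option Compare Database
Option Explicit

' Added example: report who can administer security (stored in the mdw) and
' what the default Admin user / Users group may still do (stored in the mdb).
' Run from the Immediate window as a member of Admins: ? AuditUserLevelSecurity()
Public Function AuditUserLevelSecurity() As Long
    Dim db As DAO.Database, usr As DAO.User
    Dim cnt As DAO.Container, doc As DAO.Document
    Dim who As Variant, findings As Long

    Set db = CurrentDb()
    ' Confirm which workgroup file and account this session is really using.
    Debug.Print "Workgroup file: " & DBEngine.SystemDB
    Debug.Print "Logged in as:   " & CurrentUser()

    ' Accounts and group membership come from the mdw.
    For Each usr In DBEngine.Workspaces(0).Groups("Admins").Users
        Debug.Print "Admins member:  " & usr.Name
        If usr.Name = "Admin" Then findings = findings + Flag("Admin user is in Admins")
    Next usr

    ' Permissions and ownership come from the mdb. Admin and Users exist in
    ' every workgroup file, so rights left on them apply to anyone.
    For Each cnt In db.Containers
        For Each doc In cnt.Documents
            If Not (cnt.Name = "Tables" And doc.Name Like "MSys*") Then
                ' An object's owner can always change its permissions.
                If doc.Owner = "Admin" Then
                    findings = findings + Flag("Admin owns " & cnt.Name & "\" & doc.Name)
                End If
                For Each who In Array("Admin", "Users")
                    doc.UserName = who
                    If doc.Permissions <> dbSecNoAccess Then
                        findings = findings + Flag(who & " has rights on " & _
                                                   cnt.Name & "\" & doc.Name)
                    End If
                Next who
            End If
        Next doc
    Next cnt
    AuditUserLevelSecurity = findings   ' 0 means nothing was flagged
End Function

' Hypothetical helper: print one finding and count it.
Private Function Flag(msg As String) As Long
    Debug.Print "  FINDING: " & msg
    Flag = 1
End Function
```

Saving the Immediate window output after each run and comparing it with the previous run shows when Admins membership or permissions change between checks.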