Practical Oracle Security - Aaron Ingram, Josh Shaul

Practical Oracle Security (eBook)

Your Unauthorized Guide to Relational Database Security

Aaron Ingram, Josh Shaul (Autoren)

eBook Download: EPUB

2011 | 1. Auflage
288 Seiten
Elsevier Science (Verlag)
978-0-08-055566-9 (ISBN)

This is the only practical, hands-on guide available to database administrators to secure their Oracle databases. This book will help the DBA to assess their current level of risk as well as their existing security posture. It will then provide practical, applicable knowledge to appropriately secure the Oracle database. The book's companion Web site contains dozens of working scripts that DBA's can use to secure and automate their Oracle databases.

* The only practical, hands-on guide for securing your Oracle database published by independent experts.
* Companion Web site contains dozens of scripts to help you automate security tasks.
* Your Oracle database does not exist in a vacuum, so this book shows you how to securely integrate your database into your enterprise.

This is the only practical, hands-on guide available to database administrators to secure their Oracle databases. This book will help the DBA to assess their current level of risk as well as their existing security posture. It will then provide practical, applicable knowledge to appropriately secure the Oracle database. - The only practical, hands-on guide for securing your Oracle database published by independent experts. - Your Oracle database does not exist in a vacuum, so this book shows you how to securely integrate your database into your enterprise.

Front Cover 1
Practical Oracle Security: Your unauthorized guide to Relational Database Secutiry 4
Copyright Page 5
Contents 10
Chapter 1. Oracle Security: The Big Picture 18
Introduction 19
A Brief History of Security Features in Oracle 20
Major Data Theft Incidents 37
A Step-by-step Approach to Securing Oracle 42
Summary 46
Solutions Fast Track 46
Frequently Asked Questions 48
Chapter 2. File System 50
Introduction 51
Getting to Know Your Files 51
Reviewing Recommended Permissions 63
Managing Change 66
Summary 67
Solutions Fast Track 67
Frequently Asked Questions 69
Chapter 3. TNS Listener Security 72
Introduction 73
Introduction to the TNS Listener 73
Listener Vulnerabilities "By Design" 79
Fixing Listener Vulnerabilities by Applying Oracle Patch Sets and CPUs 80
Securing the Listener Configuration 84
Valid Node Checking 92
Summary 94
Solutions Fast Track 94
Frequently Asked Questions 97
Chapter 4. Managing Default Accounts 100
Introduction 101
The Role of Oracle Default Accounts From 9i to 10g 103
Lock Accounts and Expire Default Passwords 118
Configure Strong Passwords 118
Unlock Accounts and Configure Impossible Passwords 120
Summary 131
Solutions Fast Track 131
Frequently Asked Questions 134
Chapter 5. PUBLIC Privileges 138
Introduction 139
The PUBLIC Group 139
Default Privileges on Sensitive Functions 148
Privileges You Should Never Grant to PUBLIC 155
Summary 162
Solutions Fast Track 162
Frequently Asked Questions 164
Chapter 6. Software Updates 166
Introduction 167
Understanding Oracle's Patching Philosophy 167
Examining a CPU 173
Installing a Critical Patch Update 181
Evaluating Security Alerts 184
Summary 185
Solutions Fast Track 185
Frequently Asked Questions 187
Chapter 7. Passwords and Password Controls 190
Introduction 191
Configuring Strong Passwords 191
Password Controls Using Oracle Profiles 195
OS Authentication 204
Automated Scanning for Weak Passwords 207
Summary 212
Solutions Fast Track 212
Frequently Asked Questions 214
Chapter 8. Database Activity Monitoring 218
Introduction 219
Database Intrusion 101 219
Detecting Known Attack Patterns 226
Detecting Suspicious Activity 230
Tracking the Attacker 233
Adhering to Government and Industry Regulations 235
Summary 238
Solutions Fast Track 238
Frequently Asked Questions 240
Chapter 9. Implementation Guide 242
Introduction 243
Getting Started 244
Implementing Basic Security 246
Implementing Best Practices 248
Locking Down Your Database 250
Summary 253
Solutions Fast Track 253
Frequently Asked Questions 255
Index 256

Erscheint lt. Verlag	31.8.2011
Sprache	englisch
Themenwelt	Informatik ► Datenbanken ► Oracle
	Informatik ► Netzwerke ► Sicherheit / Firewall
	Mathematik / Informatik ► Informatik ► Theorie / Studium
	Sozialwissenschaften ► Kommunikation / Medien ► Buchhandel / Bibliothekswesen
	Wirtschaft ► Betriebswirtschaft / Management
ISBN-10	0-08-055566-7 / 0080555667
ISBN-13	978-0-08-055566-9 / 9780080555669

Haben Sie eine Frage zum Produkt?

EPUB (Adobe DRM)

Kopierschutz: Adobe-DRM
Adobe-DRM ist ein Kopierschutz, der das eBook vor Mißbrauch schützen soll. Dabei wird das eBook bereits beim Download auf Ihre persönliche Adobe-ID autorisiert. Lesen können Sie das eBook dann nur auf den Geräten, welche ebenfalls auf Ihre Adobe-ID registriert sind.
Details zum Adobe-DRM

Dateiformat: EPUB (Electronic Publication)
EPUB ist ein offener Standard für eBooks und eignet sich besonders zur Darstellung von Belletristik und Sachbüchern. Der Fließtext wird dynamisch an die Display- und Schriftgröße angepasst. Auch für mobile Lesegeräte ist EPUB daher gut geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen eine Adobe-ID und die Software Adobe Digital Editions (kostenlos). Von der Benutzung der OverDrive Media Console raten wir Ihnen ab. Erfahrungsgemäß treten hier gehäuft Probleme mit dem Adobe DRM auf.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen eine Adobe-ID sowie eine kostenlose App.
Geräteliste und zusätzliche Hinweise

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.