Oracle 11g Anti-hacker's Cookbook电子书

Oracle 11g Anti-hacker's Cookbook

Table of Contents

Oracle 11g Anti-hacker's Cookbook

Credits

Foreword

About the Author

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers and more

Why Subscribe?

Free Access for Packt account holders

Instant Updates on New Packt Books

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Operating System Security

Introduction

Using Tripwire for file integrity checking

Getting ready

How to do it...

How it works...

There's more...

Other administrative options

Using immutable files to prevent modifications

Getting ready

How to do it...

How it works...

There's more...

Closing vulnerable network ports and services

Getting ready

How to do it...

How it works...

There's more...

Using network security kernel tunables to protect your system

How to do it...

How it works...

There's more...

Using TCP wrappers to allow and deny remote connections

Getting ready

How to do it...

How it works...

There is more...

Enforcing the use of strong passwords and restricting the use of previous passwords

Getting ready

How to do it...

How it works...

There is more...

Performing a security assessment on current passwords with the John the Ripper password cracker tool

Restricting direct login and su access

Getting ready

How to do it...

How it works...

There's more...

Securing SSH login

Getting ready

How to do it...

How it works...

There's more...

Setting up public key authentication

2. Securing the Network and Data in Transit

Introduction

Hijacking an Oracle connection

Getting ready

How to do it...

How it works...

There's more...

See also...

Using OAS network encryption for securing data in motion

Getting ready

How to do it...

How it works...

There's more...

Using OAS data integrity for securing data in motion

Getting ready

How to do it...

How it works...

There's more...

Using OAS SSL network encryption for securing data in motion

Getting ready

How to do it...

How it works...

There's more...

Encrypting network communication using IPSEC

Getting ready

How it works...

How it works...

There's more...

Encrypting network communication with stunnel

Getting ready

How to do it...

How it works...

There's more...

Encrypting network communication using SSH tunneling

Getting ready

How to do it...

How it works...

There's more...

Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter

Getting ready

How to do it...

How it works...

There's more...

Securing external program execution (EXTPROC)

Getting ready

How to do it...

How it works...

There's more...

See Also

Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter

Getting ready

How to do it...

How it works...

There's more...

3. Securing Data at Rest

Introduction

Using block device encryption

Getting ready

How to do it...

How it works...

There's more...

Using filesystem encryption with eCryptfs

Getting ready

How to do it...

How it works...

There's more...

Using DBMS_CRYPTO for column encryption

Getting Ready

How to do it...

How it works...

There's more...

Using Transparent Data Encryption for column encryption

Getting ready

How to do it...

How it works...

There's more...

Performance implications

Limitations:

Recommendations

See also

Using TDE for tablespace encryption

Getting ready

How to do it...

How it works...

There's more...

Encryption key management

Using encryption with data pump

Getting ready

How to do it...

How it works...

Using encryption with RMAN

Getting ready

How to do it...

How it works...

There's more...

4. Authentication and User Security

Introduction

Performing a security evaluation using Oracle Enterprise Manager

Getting ready

How to do it...

How it works...

There's more...

Using an offline Oracle password cracker

Getting ready

How to do it...

How it works...

There's more...

Using user profiles to enforce password policies

Getting ready

How to do it...

How it works...

There's more...

Using secure application roles

Getting ready

How to do it...

How it works...

There's more...

See also

How to perform authentication using external password stores

Getting ready

How to do it...

How it works...

There's more...

Using SSL authentication

Getting ready

How to do it...

How it works...

There's more...

5. Beyond Privileges: Oracle Virtual Private Database

Introduction

Using session-based application contexts

Getting ready

How to do it...

How it works...

There's more...

Implementing row-level access policies

Getting ready

How to do it...

How it works...

There's more...

Performance implications

Using Oracle Enterprise Manager for managing VPD

Getting ready

How to do it...

How it works...

Implementing column-level access policies

Getting ready

How to do it...

How it works...

Implementing VPD grouped policies

Getting ready

How to do it...

How it works...

There's more...

Granting exemptions from VPD policies

How to do it...

How it works...

There's more...

6. Beyond Privileges: Oracle Label Security

Introduction

Creating and using label components

Getting ready

How to do it...

How it works...

There's more...

Defining and using compartments and groups

Getting ready

How to do it...

How it works...

There's more...

Using label policy privileges

Getting ready

How to do it...

How it works...

There's more...

Using trusted stored units

Getting ready

How to do it...

How it works...

There's more...

7. Beyond Privileges: Oracle Database Vault

Introduction

Creating and using Oracle Database Vault realms

Getting ready

How to do it...

How it works...

There's more...

Creating and using Oracle Vault command rules

Getting ready

How to do it...

How it works...

There's more...

Creating and using Oracle Database Vault rulesets

Getting ready

How to do it...

How it works...

There's more...

Creating and using Oracle Database Vault factors

Getting ready

How to do it...

How it works...

There's more...

Creating and using Oracle Database Vault reports

Getting ready

How to do it...

How it works...

There's more...

8. Tracking and Analysis: Database Auditing

Introduction

Determining how and where to generate audit information

Getting ready

How to do it...

How it works...

There's more...

See also

Auditing sessions

Getting ready

How to do it...

How it works...

There's more...

Auditing statements

Getting ready

How to do it...

How it works...

There's more...

Auditing objects

Getting ready

How it works...

How it works...

There's more...

Auditing privileges

Getting ready

How it works...

How it works...

There's more...

Implementing fine-grained auditing

Getting ready

How to do it...

How it works...

There's more...

Alert mechanism

Other options

Integrating Oracle audit with SYSLOG

Getting ready

How to do it...

How it works...

There is more...

Auditing sys administrative users

Getting ready

How to do it...

How it works...

Index