Oracle 11g Anti-hacker's Cookbook

Book Description

Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you’ll quickly learn protection methodologies that use industry-certified techniques to secure the Oracle database server.

  • Learn to protect your sensitive data by using industry-certified techniques

  • Implement and use the ultimate techniques in Oracle security and the new security features introduced in Oracle 11g R2

  • Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security

In Detail

    For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most feature-rich and probably the most used database in a variety of industries where security is essential. To ensure the security of data both in transit and on disk, Oracle has implemented security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.

    "Oracle 11g Anti-Hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database.

    "Oracle 11g Anti-Hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threats section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.

    Table of Contents

    1. Oracle 11g Anti-hacker's Cookbook
      1. Table of Contents
      2. Oracle 11g Anti-hacker's Cookbook
      3. Credits
      4. Foreword
      5. About the Author
      6. About the Reviewers
      7. www.PacktPub.com
        1. Support files, eBooks, discount offers and more
          1. Why Subscribe?
          2. Free Access for Packt account holders
          3. Instant Updates on New Packt Books
      8. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Downloading the example code
          2. Errata
          3. Piracy
          4. Questions
      9. 1. Operating System Security
        1. Introduction
        2. Using Tripwire for file integrity checking
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Other administrative options
        3. Using immutable files to prevent modifications
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Closing vulnerable network ports and services
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Using network security kernel tunables to protect your system
          1. How to do it...
          2. How it works...
          3. There's more...
        6. Using TCP wrappers to allow and deny remote connections
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There is more...
        7. Enforcing the use of strong passwords and restricting the use of previous passwords
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There is more...
            1. Performing a security assessment on current passwords with the John the Ripper password cracker tool
        8. Restricting direct login and su access
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        9. Securing SSH login
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Setting up public key authentication
      10. 2. Securing the Network and Data in Transit
        1. Introduction
        2. Hijacking an Oracle connection
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also...
        3. Using OAS network encryption for securing data in motion
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Using OAS data integrity for securing data in motion
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Using OAS SSL network encryption for securing data in motion
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        6. Encrypting network communication using IPSEC
          1. Getting ready
          2. How it works...
          3. How it works...
          4. There's more...
        7. Encrypting network communication with stunnel
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        8. Encrypting network communication using SSH tunneling
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        9. Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        10. Securing external program execution (EXTPROC)
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See Also
        11. Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      11. 3. Securing Data at Rest
        1. Introduction
        2. Using block device encryption
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Using filesystem encryption with eCryptfs
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Using DBMS_CRYPTO for column encryption
          1. Getting Ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Using Transparent Data Encryption for column encryption
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Performance implications
            2. Limitations:
            3. Recommendations
          5. See also
        6. Using TDE for tablespace encryption
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Encryption key management
        7. Using encryption with data pump
          1. Getting ready
          2. How to do it...
          3. How it works...
        8. Using encryption with RMAN
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      12. 4. Authentication and User Security
        1. Introduction
        2. Performing a security evaluation using Oracle Enterprise Manager
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Using an offline Oracle password cracker
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Using user profiles to enforce password policies
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Using secure application roles
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        6. How to perform authentication using external password stores
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        7. Using SSL authentication
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      13. 5. Beyond Privileges: Oracle Virtual Private Database
        1. Introduction
        2. Using session-based application contexts
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Implementing row-level access policies
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Performance implications
        4. Using Oracle Enterprise Manager for managing VPD
          1. Getting ready
          2. How to do it...
          3. How it works...
        5. Implementing column-level access policies
          1. Getting ready
          2. How to do it...
          3. How it works...
        6. Implementing VPD grouped policies
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        7. Granting exemptions from VPD policies
          1. How to do it...
          2. How it works...
          3. There's more...
      14. 6. Beyond Privileges: Oracle Label Security
        1. Introduction
        2. Creating and using label components
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Defining and using compartments and groups
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Using label policy privileges
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Using trusted stored units
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      15. 7. Beyond Privileges: Oracle Database Vault
        1. Introduction
        2. Creating and using Oracle Database Vault realms
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        3. Creating and using Oracle Vault command rules
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Creating and using Oracle Database Vault rulesets
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Creating and using Oracle Database Vault factors
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        6. Creating and using Oracle Database Vault reports
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
      16. 8. Tracking and Analysis: Database Auditing
        1. Introduction
        2. Determining how and where to generate audit information
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
          5. See also
        3. Auditing sessions
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        4. Auditing statements
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
        5. Auditing objects
          1. Getting ready
          2. How it works...
          3. How it works...
          4. There's more...
        6. Auditing privileges
          1. Getting ready
          2. How it works...
          3. How it works...
          4. There's more...
        7. Implementing fine-grained auditing
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There's more...
            1. Alert mechanism
            2. Other options
        8. Integrating Oracle audit with SYSLOG
          1. Getting ready
          2. How to do it...
          3. How it works...
          4. There is more...
        9. Auditing sys administrative users
          1. Getting ready
          2. How to do it...
          3. How it works...
      17. Index