Background
- Read the Sybase security documentation.
The most comprehensive source of information about Sybase is, somewhat unsurprisingly, Sybase itself. The full set of manuals is available online at http://manuals.sybase.com and a large amount of configuration information is available.
- Regularly check the Sybase update page.
It's always wise to check the Sybase update page for new releases, patches, and so on because Sybase tends to patch security issues promptly: http://www.sybase.com.
- Periodically search for alternative security documentation.
It can be hard to find alternative sources of information about Sybase security; there aren't that many lockdown guides available outside of the Sybase site.
Nilesh Burghate of Network Intelligence India wrote a short paper that covers the basics: http://www.nii.co.in/resources/Sybase.pdf.
The Sybase FAQ page at ISUG (the International Sybase User Group) is extremely informative: http://www.isug.com/Sybase_FAQ/.
- Periodically search vulnerability databases.
Several free, searchable online databases are available that list security vulnerabilities. The ICAT Metabase is a database created by the National Institute of Standards and Technology in the United States. It is probably the most authoritative source of vulnerability information available: http://icat.nist.gov/.
Security Focus also has an online vulnerability database: http://www.securityfocus.com/bid.
It's a good idea to periodically search these databases for Sybase security issues; ...
Get The Database Hacker's Handbook: Defending Database Servers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.