Oracle 11g Anti-hacker's Cookbook
eBook:
$32.99
Formats:
Formats:
$28.04
save 15%!
save 15%!
Print + free eBook + free PacktLib access to the book:
$87.98
Print cover: $54.99
$54.99
save 37%!
save 37%!
Free Shipping!
UK, US, Europe and selected countries in Asia.
| Also available on: |
|
- Learn to protect your sensitive data by using industry certified techniques
- Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2
- Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security
Book Details
Language : EnglishPaperback : 302 pages [ 235mm x 191mm ]
Release Date : October 2012
ISBN : 1849685266
ISBN 13 : 9781849685269
Author(s) : Adrian Neagu
Topics and Technologies : All Books, Cookbooks, Enterprise, Oracle
Table of Contents
PrefaceChapter 1: Operating System Security
Chapter 2: Securing the Network and Data in Transit
Chapter 3: Securing Data at Rest
Chapter 4: Authentication and User Security
Chapter 5: Beyond Privileges: Oracle Virtual Private Database
Chapter 6: Beyond Privileges: Oracle Label Security
Chapter 7: Beyond Privileges: Oracle Database Vault
Chapter 8: Tracking and Analysis: Database Auditing
Appendix: Installing and Configuring Guardium, ODF, and OAV
Index
- Chapter 1: Operating System Security
- Introduction
- Using Tripwire for file integrity checking
- Using immutable files to prevent modifications
- Closing vulnerable network ports and services
- Using network security kernel tunables to protect your system
- Using TCP wrappers to allow and deny remote connections
- Enforcing the use of strong passwords and restricting the use of previous passwords
- Restricting direct login and su access
- Securing SSH login
- Chapter 2: Securing the Network and Data in Transit
- Introduction
- Hijacking an Oracle connection
- Using OAS network encryption for securing data in motion
- Using OAS data integrity for securing data in motion
- Using OAS SSL network encryption for securing data in motion
- Encrypting network communication using IPSEC
- Encrypting network communication with stunnel
- Encrypting network communication using SSH tunneling
- Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
- Securing external program execution (EXTPROC)
- Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
- Chapter 3: Securing Data at Rest
- Introduction
- Using block device encryption
- Using filesystem encryption with eCryptfs
- Using DBMS_CRYPTO for column encryption
- Using Transparent Data Encryption for column encryption
- Using TDE for tablespace encryption
- Using encryption with data pump
- Using encryption with RMAN
- Chapter 4: Authentication and User Security
- Introduction
- Performing a security evaluation using Oracle Enterprise Manager
- Using an offline Oracle password cracker
- Using user profiles to enforce password policies
- Using secure application roles
- How to perform authentication using external password stores
- Using SSL authentication
- Chapter 5: Beyond Privileges: Oracle Virtual Private Database
- Introduction
- Using session-based application contexts
- Implementing row-level access policies
- Using Oracle Enterprise Manager for managing VPD
- Implementing column-level access policies
- Implementing VPD grouped policies
- Granting exemptions from VPD policies
- Chapter 6: Beyond Privileges: Oracle Label Security
- Introduction
- Creating and using label components
- Defining and using compartments and groups
- Using label policy privileges
- Using trusted stored units
- Chapter 7: Beyond Privileges: Oracle Database Vault
- Introduction
- Creating and using Oracle Database Vault realms
- Creating and using Oracle Vault command rules
- Creating and using Oracle Database Vault rulesets
- Creating and using Oracle Database Vault factors
- Creating and using Oracle Database Vault reports
- Chapter 8: Tracking and Analysis: Database Auditing
- Introduction
- Determining how and where to generate audit information
- Auditing sessions
- Auditing statements
- Auditing objects
- Auditing privileges
- Implementing fine-grained auditing
- Integrating Oracle audit with SYSLOG
- Auditing sys administrative users
- Appendix: Installing and Configuring Guardium, ODF, and OAV
- You can download the Free Download Chapter from http://www.packtpub.com/sites/default/files/downloads/5269EN_AppendixA_Installing_and_Configuring_Guardium_ODF_and_OAV.pdf
Adrian Neagu
Sorry, we don't have any reviews for this title yet.
Code Downloads
Download the code and support files for this book.
Submit Errata
Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.
Errata
- 2 submitted: last submission 30 Nov 2012Errata type: Technical | Page number: 36
All parameters that will be modified are located in the /etc/sshd_config configuration file.
Should be: ...located in the /etc/ssh/sshd_config configuration file.
Errata type: Code | Page number: 27
The highlighted lines of code can be removed:
2. In this moment if we try to establish a connection from nodeorcl5 it will be denied:
[oraclient@nodeorcl5 ~]$ ssh -l oracle nodeorcl1
ssh_exchange_identification: Connection closed by remote host
[oraclient@nodeorcl5 .ssh]$ ssh -l oracle nodeorcl1
oracle@nodeorcl1's password:
Last login: Sun Aug 12 19:47:21 2012 from nodeorcl5
[oracle@nodeorcl1 ~]$
Sample chapters
You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.
Frequently bought together
+
=
50% Off
the eBooks
the eBooks
Buy both these recommended eBooks together and get 50% off the total price
- Get to grips with configuring a secure server at operating system level for Oracle Database
- Master how to secure data by using Oracle Cryptographic API and Transparent Data Encryption
- Get step-by-step instructions to implement a solid audit strategy by using the built in solutions and fine grained auditing
- Understand how to segregate and protect data access by using Oracle Vault
- Learn about different types of attacks and how to implement a solid defence against them
- Empathize the attacks and interceptions by using different techniques and tools such as sniffing, man-in-the-middle, brute force and password crackers.
For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.
"Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database.
"Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.
This cookbook has recipes written in simple, easy to understand format with lots of screenshots and insightful tips and hints.
If you are an Oracle Database Administrator, Security Manager or Security Auditor looking to secure the Oracle Database or prevent it from being hacked, then this book is for you.
This book assumes you have a basic understanding of security concepts.
