Oracle 11g Anti-hacker's Cookbook


Oracle 11g Anti-hacker's Cookbook
eBook: $32.99
Formats: PDF, PacktLib, ePub and Mobi formats
$28.04
save 15%!
Print + free eBook + free PacktLib access to the book: $87.98    Print cover: $54.99
$54.99
save 37%!
Free Shipping!
UK, US, Europe and selected countries in Asia.
Also available on:
Overview
Table of Contents
Author
Support
Sample Chapters
  • Learn to protect your sensitive data by using industry certified techniques
  • Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2
  • Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security

Book Details

Language : English
Paperback : 302 pages [ 235mm x 191mm ]
Release Date : October 2012
ISBN : 1849685266
ISBN 13 : 9781849685269
Author(s) : Adrian Neagu
Topics and Technologies : All Books, Enterprise Products and Platforms, Cookbooks, Enterprise, Oracle

Table of Contents

Preface
Chapter 1: Operating System Security
Chapter 2: Securing the Network and Data in Transit
Chapter 3: Securing Data at Rest
Chapter 4: Authentication and User Security
Chapter 5: Beyond Privileges: Oracle Virtual Private Database
Chapter 6: Beyond Privileges: Oracle Label Security
Chapter 7: Beyond Privileges: Oracle Database Vault
Chapter 8: Tracking and Analysis: Database Auditing
Appendix: Installing and Configuring Guardium, ODF, and OAV
Index
  • Chapter 1: Operating System Security
    • Introduction
    • Using Tripwire for file integrity checking
    • Using immutable files to prevent modifications
    • Closing vulnerable network ports and services
    • Using network security kernel tunables to protect your system
    • Using TCP wrappers to allow and deny remote connections
    • Enforcing the use of strong passwords and restricting the use of previous passwords
    • Restricting direct login and su access
    • Securing SSH login
    • Chapter 2: Securing the Network and Data in Transit
      • Introduction
      • Hijacking an Oracle connection
      • Using OAS network encryption for securing data in motion
      • Using OAS data integrity for securing data in motion
      • Using OAS SSL network encryption for securing data in motion
      • Encrypting network communication using IPSEC
      • Encrypting network communication with stunnel
      • Encrypting network communication using SSH tunneling
      • Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
      • Securing external program execution (EXTPROC)
      • Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
      • Chapter 3: Securing Data at Rest
        • Introduction
        • Using block device encryption
        • Using filesystem encryption with eCryptfs
        • Using DBMS_CRYPTO for column encryption
        • Using Transparent Data Encryption for column encryption
        • Using TDE for tablespace encryption
        • Using encryption with data pump
        • Using encryption with RMAN
        • Chapter 4: Authentication and User Security
          • Introduction
          • Performing a security evaluation using Oracle Enterprise Manager
          • Using an offline Oracle password cracker
          • Using user profiles to enforce password policies
          • Using secure application roles
          • How to perform authentication using external password stores
          • Using SSL authentication
          • Chapter 5: Beyond Privileges: Oracle Virtual Private Database
            • Introduction
            • Using session-based application contexts
            • Implementing row-level access policies
            • Using Oracle Enterprise Manager for managing VPD
            • Implementing column-level access policies
            • Implementing VPD grouped policies
            • Granting exemptions from VPD policies
              • Chapter 7: Beyond Privileges: Oracle Database Vault
                • Introduction
                • Creating and using Oracle Database Vault realms
                • Creating and using Oracle Vault command rules
                • Creating and using Oracle Database Vault rulesets
                • Creating and using Oracle Database Vault factors
                • Creating and using Oracle Database Vault reports
                • Chapter 8: Tracking and Analysis: Database Auditing
                  • Introduction
                  • Determining how and where to generate audit information
                  • Auditing sessions
                  • Auditing statements
                  • Auditing objects
                  • Auditing privileges
                  • Implementing fine-grained auditing
                  • Integrating Oracle audit with SYSLOG
                  • Auditing sys administrative users

                    Adrian Neagu

                    Adrian Neagu has over ten years of experience as a database administrator, mainly with DB2 and Oracle databases. He is an Oracle Certified Master 10g, Oracle Certified Professional 9i, 10g, and 11g, IBM DB2 Certified Administrator version 8.1.2 and 9, IBM DB2 9 Advanced Certified Administrator 9, and Sun Certified System Administrator Solaris 10. He is an expert in many areas of database administration such as performance tuning, high availability, replication, backup, and recovery. In his spare time, he likes to cook, take photos, and to catch big pikes with huge jerkbaits and bulldawgs.
                    Sorry, we don't have any reviews for this title yet.

                    Code Downloads

                    Download the code and support files for this book.


                    Submit Errata

                    Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.


                    Errata

                    - 2 submitted: last submission 30 Nov 2012

                    Errata type: Technical | Page number: 36

                    All parameters that will be modified are located in the /etc/sshd_config configuration file.

                    Should be: ...located in the /etc/ssh/sshd_config configuration file.

                     

                    Errata type: Code | Page number: 27

                    The highlighted lines of code can be removed:

                    2. In this moment if we try to establish a connection from nodeorcl5 it will be denied:
                    [oraclient@nodeorcl5 ~]$ ssh -l oracle nodeorcl1
                    ssh_exchange_identification: Connection closed by remote host
                    [oraclient@nodeorcl5 .ssh]$ ssh -l oracle nodeorcl1
                    oracle@nodeorcl1's password:
                    Last login: Sun Aug 12 19:47:21 2012 from nodeorcl5

                    [oracle@nodeorcl1 ~]$

                     

                    Sample chapters

                    You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.

                    Frequently bought together

                    Oracle 11g Anti-hacker's Cookbook +    The Oracle Universal Content Management Handbook =
                    50% Off
                    the second eBook
                    Price for both: $47.10

                    Buy both these recommended eBooks together and get 50% off the cheapest eBook.

                    What you will learn from this book

                    • Get to grips with configuring a secure server at operating system level for Oracle Database
                    • Master how to secure data by using Oracle Cryptographic API and Transparent Data Encryption
                    • Get step-by-step instructions to implement a solid audit strategy by using the built in solutions and fine grained auditing
                    • Understand how to segregate and protect data access by using Oracle Vault
                    • Learn about different types of attacks and how to implement a solid defence against them
                    • Empathize the attacks and interceptions by using different techniques and tools such as sniffing, man-in-the-middle, brute force and password crackers.

                    In Detail

                    For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.

                    "Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database.

                    "Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.

                    Approach

                    This cookbook has recipes written in simple, easy to understand format with lots of screenshots and insightful tips and hints.

                    Who this book is for

                    If you are an Oracle Database Administrator, Security Manager or Security Auditor looking to secure the Oracle Database or prevent it from being hacked, then this book is for you.

                    This book assumes you have a basic understanding of security concepts.

                    Code Download and Errata
                    Packt Anytime, Anywhere
                    Register Books
                    Print Upgrades
                    eBook Downloads
                    Video Support
                    Contact Us
                    Awards Voting Nominations Previous Winners
                    Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
                    Resources
                    Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software