Oracle 11g Anti-hacker's Cookbook

Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you’ll quickly learn protection methodologies that use industry certified techniques to secure the Oracle database server.

Oracle 11g Anti-hacker's Cookbook

Cookbook
Adrian Neagu

Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you’ll quickly learn protection methodologies that use industry certified techniques to secure the Oracle database server.
$10.00
$54.99
RRP $32.99
RRP $54.99
eBook
Print + eBook
$12.99 p/month

Get Access

Get Unlimited Access to every Packt eBook and Video course

Enjoy full and instant access to over 3000 books and videos – you’ll find everything you need to stay ahead of the curve and make sure you can always get the job done.

+ Collection
Free Sample

Book Details

ISBN 139781849685269
Paperback302 pages

About This Book

  • Learn to protect your sensitive data by using industry certified techniques
  • Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2
  • Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security

Who This Book Is For

If you are an Oracle Database Administrator, Security Manager or Security Auditor looking to secure the Oracle Database or prevent it from being hacked, then this book is for you.

This book assumes you have a basic understanding of security concepts.

Table of Contents

Chapter 1: Operating System Security
Introduction
Using Tripwire for file integrity checking
Using immutable files to prevent modifications
Closing vulnerable network ports and services
Using network security kernel tunables to protect your system
Using TCP wrappers to allow and deny remote connections
Enforcing the use of strong passwords and restricting the use of previous passwords
Restricting direct login and su access
Securing SSH login
Chapter 2: Securing the Network and Data in Transit
Introduction
Hijacking an Oracle connection
Using OAS network encryption for securing data in motion
Using OAS data integrity for securing data in motion
Using OAS SSL network encryption for securing data in motion
Encrypting network communication using IPSEC
Encrypting network communication with stunnel
Encrypting network communication using SSH tunneling
Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
Securing external program execution (EXTPROC)
Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
Chapter 3: Securing Data at Rest
Introduction
Using block device encryption
Using filesystem encryption with eCryptfs
Using DBMS_CRYPTO for column encryption
Using Transparent Data Encryption for column encryption
Using TDE for tablespace encryption
Using encryption with data pump
Using encryption with RMAN
Chapter 4: Authentication and User Security
Introduction
Performing a security evaluation using Oracle Enterprise Manager
Using an offline Oracle password cracker
Using user profiles to enforce password policies
Using secure application roles
How to perform authentication using external password stores
Using SSL authentication
Chapter 5: Beyond Privileges: Oracle Virtual Private Database
Introduction
Using session-based application contexts
Implementing row-level access policies
Using Oracle Enterprise Manager for managing VPD
Implementing column-level access policies
Implementing VPD grouped policies
Granting exemptions from VPD policies
Chapter 6: Beyond Privileges: Oracle Label Security
Introduction
Creating and using label components
Defining and using compartments and groups
Using label policy privileges
Using trusted stored units
Chapter 7: Beyond Privileges: Oracle Database Vault
Introduction
Creating and using Oracle Database Vault realms
Creating and using Oracle Vault command rules
Creating and using Oracle Database Vault rulesets
Creating and using Oracle Database Vault factors
Creating and using Oracle Database Vault reports
Chapter 8: Tracking and Analysis: Database Auditing
Introduction
Determining how and where to generate audit information
Auditing sessions
Auditing statements
Auditing objects
Auditing privileges
Implementing fine-grained auditing
Integrating Oracle audit with SYSLOG
Auditing sys administrative users

What You Will Learn

  • Get to grips with configuring a secure server at operating system level for Oracle Database
  • Master how to secure data by using Oracle Cryptographic API and Transparent Data Encryption
  • Get step-by-step instructions to implement a solid audit strategy by using the built in solutions and fine grained auditing
  • Understand how to segregate and protect data access by using Oracle Vault
  • Learn about different types of attacks and how to implement a solid defence against them
  • Empathize the attacks and interceptions by using different techniques and tools such as sniffing, man-in-the-middle, brute force and password crackers.

In Detail

For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security.

"Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database.

"Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.

Authors

Table of Contents

Chapter 1: Operating System Security
Introduction
Using Tripwire for file integrity checking
Using immutable files to prevent modifications
Closing vulnerable network ports and services
Using network security kernel tunables to protect your system
Using TCP wrappers to allow and deny remote connections
Enforcing the use of strong passwords and restricting the use of previous passwords
Restricting direct login and su access
Securing SSH login
Chapter 2: Securing the Network and Data in Transit
Introduction
Hijacking an Oracle connection
Using OAS network encryption for securing data in motion
Using OAS data integrity for securing data in motion
Using OAS SSL network encryption for securing data in motion
Encrypting network communication using IPSEC
Encrypting network communication with stunnel
Encrypting network communication using SSH tunneling
Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
Securing external program execution (EXTPROC)
Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
Chapter 3: Securing Data at Rest
Introduction
Using block device encryption
Using filesystem encryption with eCryptfs
Using DBMS_CRYPTO for column encryption
Using Transparent Data Encryption for column encryption
Using TDE for tablespace encryption
Using encryption with data pump
Using encryption with RMAN
Chapter 4: Authentication and User Security
Introduction
Performing a security evaluation using Oracle Enterprise Manager
Using an offline Oracle password cracker
Using user profiles to enforce password policies
Using secure application roles
How to perform authentication using external password stores
Using SSL authentication
Chapter 5: Beyond Privileges: Oracle Virtual Private Database
Introduction
Using session-based application contexts
Implementing row-level access policies
Using Oracle Enterprise Manager for managing VPD
Implementing column-level access policies
Implementing VPD grouped policies
Granting exemptions from VPD policies
Chapter 6: Beyond Privileges: Oracle Label Security
Introduction
Creating and using label components
Defining and using compartments and groups
Using label policy privileges
Using trusted stored units
Chapter 7: Beyond Privileges: Oracle Database Vault
Introduction
Creating and using Oracle Database Vault realms
Creating and using Oracle Vault command rules
Creating and using Oracle Database Vault rulesets
Creating and using Oracle Database Vault factors
Creating and using Oracle Database Vault reports
Chapter 8: Tracking and Analysis: Database Auditing
Introduction
Determining how and where to generate audit information
Auditing sessions
Auditing statements
Auditing objects
Auditing privileges
Implementing fine-grained auditing
Integrating Oracle audit with SYSLOG
Auditing sys administrative users

Book Details

ISBN 139781849685269
Paperback302 pages
Read More