Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: How do you audit a DBA?

RE: How do you audit a DBA?

From: Rachel Carmichael <carmichr_at_hotmail.com>
Date: Thu, 23 Aug 2001 13:33:01 -0700
Message-ID: <F001.00376079.20010823132221@fatcity.com> 






sorry, that's Oracle Security Handbook




>From: "Rachel Carmichael" <carmichr_at_hotmail.com>

>Reply-To: ORACLE-L_at_fatcity.com

>To: Multiple recipients of list ORACLE-L <ORACLE-L_at_fatcity.com>

>Subject: RE: How do you audit a DBA?

>Date: Thu, 23 Aug 2001 12:25:48 -0800

>

>Marlene Theriault wrote that book... and she's got a new one coming out 

>soon

>from Oracle Press, Oracle8i Security Handbook

>

>

>>From: "Boivin, Patrice J" <BoivinP_at_mar.dfo-mpo.gc.ca>

>>Reply-To: ORACLE-L_at_fatcity.com

>>To: Multiple recipients of list ORACLE-L <ORACLE-L_at_fatcity.com>

>>Subject: RE: How do you audit a DBA?

>>Date: Thu, 23 Aug 2001 11:02:12 -0800

>>

>>You might want to take a peek at the relatively old Oracle Security book 

>>by

>>O'Reilly Press, it talks about triggers.

>>

>>Waleed is right though, if you can't trust your DBA, who can you trust?

>>Also, if you don't trust the DBA, what hiring policies were followed when

>>recruiting and hiring a DBA???

>>

>>Patrice Boivin

>>Systems Analyst (Oracle Certified DBA)

>>

>>Systems Admin & Operations | Admin. et Exploit. des systèmes

>>Technology Services        | Services technologiques

>>Informatics Branch         | Direction de l'informatique

>>Maritimes Region, DFO      | Région des Maritimes, MPO

>>

>>E-Mail: boivinp_at_mar.dfo-mpo.gc.ca <mailto:boivinp_at_mar.dfo-mpo.gc.ca>

>>

>>

>>      -----Original Message-----

>>      From:   Khedr, Waleed [SMTP:Waleed.Khedr_at_FMR.COM]

>>      Sent:   Thursday, August 23, 2001 2:12 PM

>>      To:     Multiple recipients of list ORACLE-L

>>      Subject:        RE: How do you audit a DBA?

>>

>>      If you don't trust the DBA then fire him!

>>

>>      DBA has access to do everything including the audit records which

>>he/she can

>>      modify easily!

>>

>>      Waleed

>>

>>      -----Original Message-----

>>      Sent: Thursday, August 23, 2001 12:52 PM

>>      To: Multiple recipients of list ORACLE-L

>>

>>

>>      you'd better audit changes to the trigger, and then changes to

>>SYS.AUD$


>>

>>      otherwise the DBA could disable the trigger, make the changes and

>>re-enable

>>      it

>>

>>

>>

>>

>>      >From: Dave Leach <Dave.Leach_at_claybrook.co.uk>

>>      >Reply-To: ORACLE-L_at_fatcity.com

>>      >To: Multiple recipients of list ORACLE-L <ORACLE-L_at_fatcity.com>

>>      >Subject: How do you audit a DBA?

>>      >Date: Thu, 23 Aug 2001 07:56:29 -0800

>>      >

>>      >Anyone who can help,

>>      >

>>      >I've been asked if Oracle can somehow audit the DBA ie. Raise an

>>alert if

>>      >the DBA were to execute DML statements against sensitive tables,

>>this

>>      >assumes the DBA has the SYS password.  I thought this was a pretty

>>      >reasonable question but couldn't think of an answer.  My trail of

>>though

>>      >was

>>      >maybe an email alert to a designated member of staff sent via a

>>trigger on

>>      >the table.

>>      >

>>      >Any comments would be very appreciated.

>>      >

>>      >Dave Leach

>>      >

>>      >

>>      >

>>      >

>>

>> >**********************************************************************

>>      >The above information is confidential to the addressee and may be

>>      >privileged.  Unauthorised access and use is prohibited.

>>      >

>>      >Internet communications are not secure and therefore this Company

>>does

>>      >not accept legal responsibility for the contents of this message.

>>      >

>>      >If you are not the intended recipient, any disclosure, copying,

>>      >distribution or any action taken or omitted to be taken in reliance

>>on

>>      >it, is prohibited and may be unlawful.

>>      >

>>      >Claybrook Computing Limited is a subsidiary of

>>      >Claybrook Computing (Holdings) Limited

>>      >Registered Office: Abbey House. 282 Farnborough Road, Farnborough,

>>      >Hampshire GU14 7NJ

>>      >Registered in England and Wales No 1287205

>>      >

>>      >A Hogg Robinson plc company

>>

>> >**********************************************************************

>>      >--

>>      >Please see the official ORACLE-L FAQ: http://www.orafaq.com

>>      >--

>>      >Author: Dave Leach

>>      >   INET: Dave.Leach_at_claybrook.co.uk

>>      >

>>      >Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

>>      >San Diego, California        -- Public Internet access / Mailing

>>Lists

>>

>> >--------------------------------------------------------------------

>>      >To REMOVE yourself from this mailing list, send an E-Mail message

>>      >to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

>>      >the message BODY, include a line containing: UNSUB ORACLE-L

>>      >(or the name of mailing list you want to be removed from).  You may

>>      >also send the HELP command for other information (like

>>subscribing).

>>

>>

>>      _________________________________________________________________

>>      Get your FREE download of MSN Explorer at

>>http://explorer.msn.com/intl.asp

>>

>>      --

>>      Please see the official ORACLE-L FAQ: http://www.orafaq.com

>>      --

>>      Author: Rachel Carmichael

>>        INET: carmichr_at_hotmail.com

>>

>>      Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

>>      San Diego, California        -- Public Internet access / Mailing

>>Lists

>>      --------------------------------------------------------------------

>>      To REMOVE yourself from this mailing list, send an E-Mail message

>>      to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

>>      the message BODY, include a line containing: UNSUB ORACLE-L

>>      (or the name of mailing list you want to be removed from).  You may

>>      also send the HELP command for other information (like subscribing).

>>      --

>>      Please see the official ORACLE-L FAQ: http://www.orafaq.com

>>      --

>>      Author: Khedr, Waleed

>>        INET: Waleed.Khedr_at_FMR.COM

>>

>>      Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

>>      San Diego, California        -- Public Internet access / Mailing

>>Lists

>>      --------------------------------------------------------------------

>>      To REMOVE yourself from this mailing list, send an E-Mail message

>>      to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

>>      the message BODY, include a line containing: UNSUB ORACLE-L

>>      (or the name of mailing list you want to be removed from).  You may

>>      also send the HELP command for other information (like subscribing).

>>--

>>Please see the official ORACLE-L FAQ: http://www.orafaq.com

>>--

>>Author: Boivin, Patrice J

>>   INET: BoivinP_at_mar.dfo-mpo.gc.ca

>>

>>Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

>>San Diego, California        -- Public Internet access / Mailing Lists

>>--------------------------------------------------------------------

>>To REMOVE yourself from this mailing list, send an E-Mail message

>>to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

>>the message BODY, include a line containing: UNSUB ORACLE-L

>>(or the name of mailing list you want to be removed from).  You may

>>also send the HELP command for other information (like subscribing).

>

>

>_________________________________________________________________

>Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

>

>--

>Please see the official ORACLE-L FAQ: http://www.orafaq.com

>--

>Author: Rachel Carmichael

>  INET: carmichr_at_hotmail.com

>

>Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051

>San Diego, California        -- Public Internet access / Mailing Lists

>--------------------------------------------------------------------

>To REMOVE yourself from this mailing list, send an E-Mail message

>to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in

>the message BODY, include a line containing: UNSUB ORACLE-L

>(or the name of mailing list you want to be removed from).  You may

>also send the HELP command for other information (like subscribing).







Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp


-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.com
-- 
Author: Rachel Carmichael
  INET: carmichr_at_hotmail.com

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).


Received on Thu Aug 23 2001 - 15:33:01 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US