| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: internet secure solutions
In article <F001.005DC5EE.20040110152926_at_fatcity.com>, nelson flores
<nflores_at_expand.cl> writes
>Something important to take into account when talking about security, is
>the problem with "if you don't know it's happening you can't stop it..."
>..
>Remember to read/analyze logs for unusual stuff (Oracle or FW logs)...
>preferably with an IDS, as it makes the job of finding out whether you
>have a security breach a whole lot easier.
>
>
Good point, the checklists on my site also talk about Oracle auditing - I have a paper on auditing and also my paper "detecting SQL injection on Oracle" (http://www.petefinnigan.com/orasec.htm) talks about some ideas for trapping actions such as SQL Injection. As you also say analysing firewall logs with or without an IDS is also very important.
Kind regards
Pete
-- Pete Finnigan email:pete_at_petefinnigan.com Web site: http://www.petefinnigan.com - Oracle security audit specialists Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Pete Finnigan INET: oracle_list_at_peterfinnigan.demon.co.uk Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).Received on Sun Jan 11 2004 - 15:24:24 CST
 |
 |