Re: SQL audit
Date: Tue, 22 Dec 2009 08:50:32 -0800 (PST)
Hey, I didn't say I won all the fights in those justifications battles, now did I? :) There are going to be times when a DBA knows better than a non-technical person, even those who are supposed to be specialists in SOX compliance of database financial systems, but as we all know, we sometimes have to do what we are told to do... :)
"Go away before I replace you with a very small and efficient shell script..."
- On Tue, 12/22/09, William Muriithi <william.muriithi_at_epicadvertising.com> wrote:
From: William Muriithi <william.muriithi_at_epicadvertising.com>
Subject: Re: SQL audit
To: "'John.Hallas_at_morrisonsplc.co.uk'" <John.Hallas_at_morrisonsplc.co.uk>, "'kjped1313_at_yahoo.com'" <kjped1313_at_yahoo.com>, "'rtylka_at_gmail.com'" <rtylka_at_gmail.com>, "'jkstill_at_gmail.com'" <jkstill_at_gmail.com> Cc: "'oracle-l_at_freelists.org'" <oracle-l_at_freelists.org> Date: Tuesday, December 22, 2009, 8:50 AM
Interesting. It has never occurred to me that there could be disadvantages of password protecting the listener.
Would you be in the know on the logic behind this recommendation?
From: oracle-l-bounce_at_freelists.org <oracle-l-bounce_at_freelists.org>
To: kjped1313_at_yahoo.com <kjped1313_at_yahoo.com>; rtylka_at_gmail.com <rtylka_at_gmail.com>; jkstill_at_gmail.com <jkstill_at_gmail.com>
Cc: Oracle-l <oracle-l_at_freelists.org>
Sent: Tue Dec 22 03:45:59 2009
Subject: RE: SQL audit
But Oracle’s recommendation is not to password protector the listener from 10G onwards
From: oracle-l-bounce_at_freelists.org [mailto: oracle-l-bounce_at_freelists.org ] On Behalf Of Kellyn Pedersen
Sent: 22 December 2009 02:02
To: rtylka_at_gmail.com; jkstill_at_gmail.com Cc: Oracle-l
Subject: Re: SQL audit
I have had to implement auditing on Oracle Apps 11i and the auditors required it for SOX compliance, so first thing I would request is the auditor requirements that they need to track. You might be surprised how little you actually have to audit or even turn on.
You also have the opportunity to challenge and demand they justify many of the requests, as they often will not even know what they are requesting or that some features are already tracked automatically by Oracle and you just need to write out a justification response of your own.
The odd items I did need to implement were:
- a shell script to track that the listener was password protected at all times.
Wm Morrison Supermarkets Plc is registered in England with number 358949. The registered office of the company is situated at Gain Lane, Bradford, West Yorkshire BD3 7DL. This email and any attachments are intended for the addressee(s) only and may be confidential.
If you are not the intended recipient, please inform the sender by replying to the email that you have received in error and then destroy the email. If you are not the intended recipient, you must not use, disclose, copy or rely on the email or its attachments in any way.
Wm Morrison Supermarkets PLC accepts no liability or responsibility for anything said in the email or its attachments and gives no warranty as to accuracy. It is the policy of Wm Morrison Supermarkets PLC not to enter into any contractual or other obligations by email.
Although we have taken steps to ensure the email and its attachments are virus-free, we cannot guarantee this or accept any responsibility, and it is the responsibility of recipients to carry out their own virus checks.
Received on Tue Dec 22 2009 - 10:50:32 CST