Re: Question re security

From: Nuno Souto <dbvision_at_iinet.net.au>
Date: Thu, 16 Jan 2014 19:40:13 +1100
Message-ID: <52D79AED.4020805_at_iinet.net.au>

On 16/01/2014 5:49 PM, david_at_databasesecurity.com wrote:

Thanks! Good to see my opinion is shared by someone. The problem is when kids with no experience whatsoever of running IT sites are given free hand in coming up with security strategies and such. I mean, when a network "expert" claims a database is not secure because the listener is not using the usual 1521 port and does not ask for a password upfront, the only comment I can possibly offer is: "go take an Oracle 101 and a network 101 course and AFTER that, let's see if you still think that way".

-- 
Cheers
Nuno Souto
dbvision_at_iinet.net.au





> >Who here has database servers, app servers, admin and dev workstations,

> >each in its own subnet (4 subnets),

> >with firewalls between each subnet,

> >all inside the company's intranet?

>

> >I'd just like to know why and what security expectations, imperatives,

> >constraints/conditions are being addressed/resolved by such a setup?

>

> It depends on what you’re trying to protect. If it’s nuclear launch 

> codes then yes – defence in depth – which this config is a typical 

> example of – is the way to go. If the data is a list of recipes for 

> cupcakes though this would indeed be overkill

> :)

> Cheers,

> David




--
http://www.freelists.org/webpage/oracle-l

Received on Thu Jan 16 2014 - 09:40:13 CET

This message: [ Message body ]
Next message: Nuno Souto: "Re: Security experts and auditing..."
Previous message: D'Hooge Freek: "Re: Some idea for the security hole in database links"
In reply to: david_at_databasesecurity.com: "Re: Question re security"
Next in thread: Hans Forbrich: "Re: Question re security"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message