Re: Question re security

From: D'Hooge Freek <Freek.DHooge_at_uptime.be>
Date: Fri, 17 Jan 2014 07:10:33 +0000
Message-ID: <1389942633.18206.123.camel_at_dhoogfr-lpt1>



Going to be fun, as in 11.2 the listener password got deprecated and got desupported in 12c (according to the documentation).

--
Freek D'Hooge
Uptime
Oracle Database Administrator
email: freek.dhooge_at_uptime.be tel +32(03) 451 23 82
http://www.uptime.be

On Thu, 2014-01-16 at 11:35 -0500, Patterson, Joel wrote:

Not sure about this year, but the last few years, it was insisted to use a password with the listener.

No amount of docs or logic prevailed.

I never know what to expect. Indeed the old faces are out and are replaced with new faces. The new faces are now younger than the old faces… :)

Joel Patterson

Database Administrator

904 928-2790

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of bill thater
Sent: Thursday, January 16, 2014 10:51 AM
To: Nuno Souto
Cc: Oracle L
Subject: RE: Question re security

I still get questions why I need privs to install Oracle software. My answer is "if you want it installed without privs talk to Oracle, until then, that's what I need". I'm not well liked ;-)

sent from my Windows Phone
Bill "shrek" thater Oracle DBA
Shrekdba_at_Gmail.com
"one ping to rule them all
One ping to find them
One ping to bring them all
And in the mutex bind them!"



From: Nuno Souto
Sent: 1/16/2014 2:42 AM
Cc: Oracle L
Subject: Re: Question re security

On 16/01/2014 5:49 PM, david_at_databasesecurity.com wrote:

Thanks! Good to see my opinion is shared by someone. The problem is when kids with no experience whatsoever of running IT sites are given free hand in coming up with security strategies and such. I mean, when a network "expert" claims a database is not secure because the listener is not using the usual 1521 port and does not ask for a password upfront, the only comment I can possibly offer is: "go take an Oracle 101 and a network 101 course and AFTER that, let's see if you still think that way".

--
Cheers
Nuno Souto
dbvision_at_iinet.net.au

>Who here has database servers, app servers, admin and dev workstations,
>each in its own subnet (4 subnets),
>with firewalls between each subnet,
>all inside the company's intranet?

>I'd just like to know why and what security expectations, imperatives,
>constraints/conditions are being addressed/resolved by such a setup?

It depends on what you’re trying to protect. If it’s nuclear launch codes then yes – defence in depth – which this config is a typical example of – is the way to go. If the data is a list of recipes for cupcakes though this would indeed be overkill :)

Cheers,

David

--

Joel Patterson
Sr. Database Administrator | Enterprise Integration
Phone: 904-928-2790 | Fax: 904-733-4916
www.entint.com


--
http://www.freelists.org/webpage/oracle-l
Received on Fri Jan 17 2014 - 08:10:33 CET
