| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: HELP! ORACLE ADVICE NEEDED ASAP!!
One more security question that may not relate to this one:
How can I configure an Oracle listener to listen only TNS calls from one specific domain or IP?
Thanks,
Jinsong
Allen Pickel wrote in message <377CDED9.169BC457_at_us.oracle.com>...
>Basically security as it applies to the questions you ask addresses that
>warm and fuzzy feeling you have of knowing that if something goes wrong you
>have done the easiest things you can do ensure recovery.
>
>To answer your questions:
>
>1. Users who have system table space as default and have been granted
>privileges to create database objects, especially tables and views, may
>inadvertenlty USE UP all available resources that the system may require -
>not a good thing. Your database will quit functioning due to various
>errors depending on how/which resource is used up.
>
>2. If archive logging is not turned on you risk the possibility of not
>being able to recover CRITICAL data in event of a database crash or
>corruption. You need to know where the archive logs are being saved and
>ensure that only trusted individuals such as your DBA have privileges to
>these files to ensure they are not inadvertently
>deleted/truncated/corrupted thus rendering recovery of CRITICAL data
>impossible.
>
>3. Multiple redo logs ensure data integrity and greatly increase the
>possibility of recovery if disk failure occurs. That is, if disk A and B
>store redo logs and the database goes down due to a disk crash and suppose
>disk A crashes as well, disk B redo logs can be used to recover the
>database to the point in time the crash occurred.
>
>The question you have to ask - "Do I want to be responsible for losing
>CRITICAL DATA due to poor security measures at the lowest level?"
>
>For additional information read the Oracle Backup and Recovery Guide or
>Server Concepts Manuals..
>
>HTH
>
>Allen Pickel
>Oracle Support Services
>
>heebe_at_my-deja.com wrote:
>
>> Please help,
>>
>> I am conducting an Oracle security Review and have come to an impasse
>> regarding the following steps:
>>
>> 1. Review the script output for the USER PRIVILEGE DUMP to determine
>> whether any users have been granted default tablespace of SYSTEM.
>>
>> 2. Review the script output for the LOG FILE DUMP to determine whether
>> the archivelog is activated for critical database files; Review the
>> script output for the PARAMETERS DUMP to determine where archive logs
>> are maintained; Determine whether archive logs are protected from
>> logical access; Determine whether a copy of the archive logs are
>> maintained off-site; Determine whether physical security over archive
>> logs is maintained.
>>
>> 3. Ensure that multiple Redo Logs are maintained on Different Servers.
>>
>> What is the risk with regard to these items? Why do I need to worry
>> about the above steps. Any advice is appreciated!!!
>>
>> heebe_at_hotmail.com
>>
>> Sent via Deja.com http://www.deja.com/
>> Share what you know. Learn what you don't.
>
Received on Fri Jul 02 1999 - 13:04:51 CDT
 |
 |