- Oracle 11g Anti-hacker's Cookbook
- Adrian Neagu
- 449字
- 2021-08-05 18:41:31
Introduction
The number of security threats related to operating systems and databases are increasing every day, and this trend is expected to continue. Therefore, effective countermeasures to reduce or eliminate these threats must be found and applied. The database administrators and system administrators should strive to maintain a secure and stable environment for the systems they support. The need for securing and ensuring that the database servers are operational is crucial, especially in cases in which we are working with mission critical systems that require uninterrupted access to data stored in Oracle Databases.
In this chapter, we will focus on some operating system security measures to be taken to have a reliable, stable, and secure system. Obviously operating system security is a vast domain and to cover this subject in a few pages is not possible. However, we can briefly describe several key items that can provide a starting point to address some of the concerns we will highlight in our recipes.
Briefly, the possible operating security threats are:
- Denial of service
- Exploits and vulnerabilities
- Backdoors, viruses, and worms
- Operating system bugs
Recommendations and guidelines:
- Develop a patching policy.
- Perform security assessments regularly.
- Try to use hard-to-guess passwords.
- Disable direct root login and create a special login user. It would be also easier to perform auditing.
- Limit the number of users.
- Limit the number of users who can issue the
sucommand to become the root or oracle owner user. - Limit the number of services started, use only the necessary ones.
- Limit the number of open ports.
- Refrain from using symbolic links whenever possible.
- Do not give more permissions to users than is necessary.
- Secure
ssh. - Use firewalls.
In these series of recipes for the server environment, we will use the operating system Red Hat Enterprise Linux Server release 6.0 (Santiago) 64-bit version. For the client environment we will use the Fedora 11 update 11 64-bit version. The server hostname will be nodeorcl1 and the client hostname will be nodeorcl5. All machines used are virtual machines, created with Oracle Virtual Box 4.1.12.
As a preliminary task before we start, prepare the server environment in terms of kernel parameters, directories, users, groups, and software installation as instructed in Oracle? Database Installation Guide 11g Release 2 (11.2) for Linux (http://docs.oracle.com/cd/E11882_01/install.112/e24321/toc.htm). Download and install Oracle Enterprise Edition 11.2.0.3, create a database called HACKDB, configured with Enterprise Manager and Sample Schemas, and define a listener called LISTENER with a default port of 1521.
Due to the limited page constraints, we will omit the description of each command and their main differences on other Linux distributions or Unix variants. The most important thing to understand is the main concept behind every security measure.
- 面向STEM的mBlock智能機器人創(chuàng)新課程
- 網(wǎng)絡(luò)服務(wù)器架設(shè)(Windows Server+Linux Server)
- 人工免疫算法改進及其應(yīng)用
- Ansible Quick Start Guide
- 條碼技術(shù)及應(yīng)用
- 精通特征工程
- 構(gòu)建高性能Web站點
- Android游戲開發(fā)案例與關(guān)鍵技術(shù)
- 悟透AutoCAD 2009完全自學手冊
- Chef:Powerful Infrastructure Automation
- Mastering SQL Server 2014 Data Mining
- 巧學活用Photoshop
- 工業(yè)機器人與自控系統(tǒng)的集成應(yīng)用
- 案例解說虛擬儀器典型控制應(yīng)用
- Mastering Windows Group Policy