- Oracle 11g Anti-hacker's Cookbook
- Adrian Neagu
- 449字
- 2021-08-05 18:41:31
Introduction
The number of security threats related to operating systems and databases are increasing every day, and this trend is expected to continue. Therefore, effective countermeasures to reduce or eliminate these threats must be found and applied. The database administrators and system administrators should strive to maintain a secure and stable environment for the systems they support. The need for securing and ensuring that the database servers are operational is crucial, especially in cases in which we are working with mission critical systems that require uninterrupted access to data stored in Oracle Databases.
In this chapter, we will focus on some operating system security measures to be taken to have a reliable, stable, and secure system. Obviously operating system security is a vast domain and to cover this subject in a few pages is not possible. However, we can briefly describe several key items that can provide a starting point to address some of the concerns we will highlight in our recipes.
Briefly, the possible operating security threats are:
- Denial of service
- Exploits and vulnerabilities
- Backdoors, viruses, and worms
- Operating system bugs
Recommendations and guidelines:
- Develop a patching policy.
- Perform security assessments regularly.
- Try to use hard-to-guess passwords.
- Disable direct root login and create a special login user. It would be also easier to perform auditing.
- Limit the number of users.
- Limit the number of users who can issue the
sucommand to become the root or oracle owner user. - Limit the number of services started, use only the necessary ones.
- Limit the number of open ports.
- Refrain from using symbolic links whenever possible.
- Do not give more permissions to users than is necessary.
- Secure
ssh. - Use firewalls.
In these series of recipes for the server environment, we will use the operating system Red Hat Enterprise Linux Server release 6.0 (Santiago) 64-bit version. For the client environment we will use the Fedora 11 update 11 64-bit version. The server hostname will be nodeorcl1 and the client hostname will be nodeorcl5. All machines used are virtual machines, created with Oracle Virtual Box 4.1.12.
As a preliminary task before we start, prepare the server environment in terms of kernel parameters, directories, users, groups, and software installation as instructed in Oracle? Database Installation Guide 11g Release 2 (11.2) for Linux (http://docs.oracle.com/cd/E11882_01/install.112/e24321/toc.htm). Download and install Oracle Enterprise Edition 11.2.0.3, create a database called HACKDB, configured with Enterprise Manager and Sample Schemas, and define a listener called LISTENER with a default port of 1521.
Due to the limited page constraints, we will omit the description of each command and their main differences on other Linux distributions or Unix variants. The most important thing to understand is the main concept behind every security measure.
- 大數據技術與應用基礎
- Python Artificial Intelligence Projects for Beginners
- Photoshop CS4經典380例
- Hands-On Data Science with SQL Server 2017
- 群體智能與數據挖掘
- 基于多目標決策的數據挖掘方法評估與應用
- 系統安裝與重裝
- Arduino &樂高創意機器人制作教程
- Statistics for Data Science
- Working with Linux:Quick Hacks for the Command Line
- Mastering MongoDB 3.x
- 30天學通Java Web項目案例開發
- 從零開始學ASP.NET
- JSP通用范例開發金典
- JSP網絡開發入門與實踐