Thursday, January 18, 2007

Oracle Patches and Database Security

Oracle has had its share of security issues, to say the least, but came out this week with an astounding 51 patches.

In honor of the occassion, I've added several links to my web site about database security:
These are two outstanding sites about Oracle security, in particular:
The Finnigan site has a blog with current issues and vulnerabilities, tools, articles and just tons and tons of stuff devoted entirely to Oracle security. The O'Reilly site is badly dated -- it's sample chapter from their out-of-print classic -- but it still has some general information about Oracle security that might be of interest.

There's also two books about database security, one currently available from Amazon and the other scheduled for release by the end of this month.
And, of course, to state the obvious, besides all the above technical controls specifically for databases, any database server should be hardened like any other server with limited access, up-to-date patches, unneeded services and ports turned off, and sufficient firewall, and anti-malware protection.

0 Comments:

Post a Comment

<< Home