Ebook Practical oracle security: Your unauthorized guide to relational database security

Ebook Practical oracle security: Your unauthorized guide to relational database security includes contents: Chapter 1: Oracle security: the big picture; Chapter 2: File system; Chapter 3: TNS listener security; Chapter 4: Managing default accounts; Chapter 5: PUBLIC privileges; Chapter 6: Software updates; Chapter 7: Passwords and password controls; Chapter 8: Database activity monitoring; Chapter 9: Implementation guide.
Nội dung trích xuất từ tài liệu:
Ebook Practical oracle security: Your unauthorized guide to relational database security www.dbebooks.com - Free Books & magazines 455_Oracle_FM.qxd 10/19/07 2:28 PM Page iii Practical Oracle Security YOUR UNAUTHORIZED GUIDE TO R E L AT I O N A L D ATA B A S E S E C U R I T Y Josh Shaul Aaron Ingram 455_Oracle_FM.qxd 10/19/07 2:28 PM Page iv Elsevier, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively “Makers”) of this book (“the Work”) do not guarantee or warrant the results to be obtained from the Work. There is no guarantee of any kind, expressed or implied, regarding the Work or its contents.The Work is sold AS IS and WITHOUT WARRANTY.You may have other legal rights, which vary from state to state. In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you. You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files. Syngress Media®, Syngress®, “Career Advancement Through Skill Enhancement®,” “Ask the Author UPDATE®,” and “Hack Proofing®,” are registered trademarks of Elsevier, Inc. “Syngress:The Definition of a Serious Security Library”™, “Mission Critical™,” and “The Only Way to Stop a Hacker is to Think Like One™” are trademarks of Elsevier, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies. PUBLISHED BY Syngress Publishing, Inc. 800 Hingham Street Rockland, MA 02370 Practical Oracle Security Copyright © 2007 by Elsevier, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. Printed in the United States of America 1 2 3 4 5 6 7 8 9 0 ISBN 13: 978-1-59749-198-3 Publisher: Amorette Pedersen Page Layout and Art: Patricia Lupien Acquisitions Editor: Andrew Williams Copy Editor: Judy Eby Technical Editor: Mike Petruzzi Indexer: Odessa&Cie Cover Designer: Michael Kavish For information on rights, translations, and bulk sales, contact Matt Pedersen, Director of Sales and Rights, at Syngress Publishing; email matt@syngress.com or fax to 781-681-3585. 455_Oracle_FM.qxd 10/19/07 2:28 PM Page v Author Acknowledgments From Aaron To Irving Pector, Dennis Shasha, his co-author Josh and his parents for their endless encouragement. To his mentors past and present for their wisdom: Bill Bond, Duane Schwartz, Hans Delly, Bob Fitterman, and Candace Martin From Josh To my wife Jill and my daughter Marlee Rose who endured many long nights with none of my attention. To my mentors in the security world Tim Ober and Aaron Newman who taught me much of what I know. And to my parents, for making me believe that success is possible in any endeavor. From Both To the crew at AppSecInc who made this all possible: Esteban, Cesar, Sean, Eric, Aaron, John,Tom, and Team SHATTER. v 455_Oracle_FM.qxd 10/19/07 2:28 PM Page vi 455_Oracle_FM.qxd 10/19/07 2:28 PM Page vii Authors Aaron Ingram has fifteen years experience developing enterprise software, focusing on database systems and security applications. After graduating with a Bachelor’s degree in computer science from Columbia University, he worked at Accenture as a consultant for Fortune 500 financial and telecom- munication companies and for various government agencies. He then worked for ShieldIP creating Digital Rights Protection technology. Most recently, he merged his extensive database background with his security skills to manage the development of Application Security’s real-time database intrusion detection and security auditing solution, AppRadar. Josh Shaul got started in the security industry with SafeNet, Inc. in 1997, working on the industry’s first complete IPsec accelerator chip. During a five year tenure as a SafeNet developer, Josh spent time designing, devel- oping and enhancing SafeNet’s embedded security solutions for a wide range of applications. For the last four years Josh has focused primarily on field engineering, helping companies deploy security software and ...