What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Oracle 11g Anti-hacker's Cookbook

Chapter 2. Securing the Network and Data in Transit

In this chapter we will cover the following topics:

Hijacking an Oracle connection
Using OAS network encryption for securing data in motion
Using OAS data integrity for securing data in motion
Using OAS SSL network encryption for securing data in motion
Encrypting network communication using IPSEC
Encrypting network communication with stunnel
Encrypting network communication with SSH tunneling
Restricting the fly listener administration using ADMIN_RESTRICTION_LISTENER parameter
Securing external program execution (EXTPROC)
Controlling the client connections using the TCP.VALIDNODE_CHECKING listener parameter

Key benefits

Learn to protect your sensitive data by using industry certified techniques

Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2

Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security

Description

For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security."Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database."Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.

What you will learn

Get to grips with configuring a secure server at operating system level for Oracle Database

Master how to secure data by using Oracle Cryptographic API and Transparent Data Encryption

Get step-by-step instructions to implement a solid audit strategy by using the built in solutions and fine grained auditing

Understand how to segregate and protect data access by using Oracle Vault

Learn about different types of attacks and how to implement a solid defence against them

Empathize the attacks and interceptions by using different techniques and tools such as sniffing, man-in-the-middle, brute force and password crackers.

What do you get with Print?

Instant access to your digital eBook copy whilst your Print order is Shipped

Paperback book shipped to your preferred address

Download this book in EPUB and PDF formats

Access this title in our online reader with advanced features

DRM FREE - Read whenever, wherever and however you want

Frequently bought together

$60.99

Oracle Database 11gR2 Performance Tuning Cookbook

$60.99

Oracle Database 12c Backup and Recovery Survival Guide

$65.99

Total $ 187.97

LewisC Nov 21, 2012

I'm not usually a big fan of technical cookbooks. Usually the books will only have one or two useful routines. If a person is a programmer, the book will be from their body of knowledge. If they are DBA, it will be from the administration side. Either of these tends to limit the breadth of a cookbook. That's like a cooking cookbook with no soup section. I like soup. I want soup. Now I'm hungry.This book is quite a bit different. To start off, the author is certified in DB2 and Oracle as an adminstrator (which, for security is more important than a programming background). However, the author is also certified as a system administrator. In an anti-hacking cookbook, that is critical. If you don't secure your perimeter, everything else will be a lot easier to crack.Here is his bio from the book:Adrian Neagu has over ten years of experience as a database administrator, mainly with DB2 and Oracle databases. He is an Oracle Certified Master 10g, Oracle Certified Professional 9i, 10g, and 11g, IBM DB2 Certified Administrator version 8.1.2 and 9, IBM DB2 9 Advanced Certified Administrator 9, and Sun Certified System Administrator Solaris 10. He is an expert in many areas of database administration such as performance tuning, high availability, replication, backup, and recovery.The book itself is not a huge tome. It weighs in at 302 pages. You can view the second chapter, Securing the Network and Data in Transit, for free.I was already very familiar with the topics covered in Chapters 3 through 5 and Chapter 8. The other chapters provided me with some new information. I'm glad I got to learn from this book.Like any good cookbook, the steps you take are outlined in plenty of depth. As an example, Chapter 1 will take you through installing and testing Tripewire, an intrusion detection system. I've never used Tripwire and the book makes installing it and understanding what is does fairly easy. The thing to remember is that this is not a technical reference book. You won't learn concepts or even advanced concepts except as they relate to understanding the steps in the recipes.One more note on chapter 1. I did not know you could set a file to be immutable. That is very cool.The step by step guide to hack an Oracle connection is also pretty cool. It not only shows you how to do it and how to protect it but also exactly how it works.The book is very easy to read and follow (providing the concepts are not brand new to you). This book won't make you a security expert but by following the steps, you will have a more secure environment. That's a good thing for everyone.The book uses redhat for the 11g database server. Most of the stuff covered can be used on any OS with little or no changes. The OS specific stuff will of course need to be changed. Once you get to Chapter 3, it's all database related anyway.All in all, this is a good read. If you are responsible for the security of a database, it should be a mandatory read. If you are curious about how someone could hack your system and how to protect yourself from those hackers, this is a great book for your bookshelf. I'm glad it is on mine now.

Amazon Verified review

Stanley Nov 24, 2012

The number of security threats related to operating systems and databases are increasing every day, and this trend is expected to continue.In this book, many recipes are provided to show how these security risks could be mitigated or reduced. To sum up, recipes can be classified into general or Oracle specific security measures. For example, to confront different interception-type attacks, you can use either Oracle Advanced Security encryption and integrity, or alternatives such as IPSEC, stunnel, and SSH tunneling.For general measures, topics such as "OS security" and "Securing the network and data in transit" are covered in Chapter 1 and 2. Starting from Chapter 3, security measures using Oracle products start emerging, which includes the following:* Oracle RMAN* Oracle Enterprise Manager* Oracle Virtual Private Database* Oracle Label Security* Oracle Database Vault* Oracle Audit* Oracle Cryptographic API* Oracle WalletsOther RecommendationsIn the book, it also make suggestions such as:* You should implement data audits to detect the origin of the attack or the source of the inappropriate data access or modification* You should develop and implement appropriate alerting systems to proactively detect and prevent attacks on systems and data* You should test these security measures first before their final deployment* You should perform security assessments regularly on your system

Ioan Pop Jun 10, 2014

It covers OS and Oracle database security. The 2 types of security have to go hand in hand to make for a really secure database.Thank you for your work.

hum802 Apr 30, 2013

Book is very good for the DBA.But it also depends on the System Administrator (if one exists in your corporation) to fully implement the ideas used in the book. DBA may not have full access to the OS to implement everything.Also, DBA needs to have a very good understanding of the OS like linux for instance to fully understand what's being done.Every DBA should read this book. I would recommend to a friend.

Bert Scalzo Dec 11, 2012

The Oracle 11g Anti-hacker's Cookbook covers an impressive breadth and depth of database security topics. No stone is left unturned. Plus quite uniquely the author fully explains every potential database security risk, demonstrates how to perform the hacks being protected against, and then of course how to mitigate or prevent them. Moreover the author covers advanced Oracle security features, including virtual private databases, label security and database vault. The overall result is an incredible book that should become any DBA's go to reference for any and all things related to Oracle database security.