Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Oracle 11g Anti-hacker's Cookbook
Oracle 11g Anti-hacker's Cookbook

Oracle 11g Anti-hacker's Cookbook: Make your Oracle database virtually impregnable to hackers using the knowledge in this book. With over 50 recipes, you'll quickly learn protection methodologies that use industry certified techniques to secure the Oracle database server.

eBook
€8.99 €36.99
Paperback
€45.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Table of content icon View table of contents Preview book icon Preview Book

Oracle 11g Anti-hacker's Cookbook

Chapter 2. Securing the Network and Data in Transit

In this chapter we will cover the following topics:

  • Hijacking an Oracle connection

  • Using OAS network encryption for securing data in motion

  • Using OAS data integrity for securing data in motion

  • Using OAS SSL network encryption for securing data in motion

  • Encrypting network communication using IPSEC

  • Encrypting network communication with stunnel

  • Encrypting network communication with SSH tunneling

  • Restricting the fly listener administration using ADMIN_RESTRICTION_LISTENER parameter

  • Securing external program execution (EXTPROC)

  • Controlling the client connections using the TCP.VALIDNODE_CHECKING listener parameter

Introduction


As most of the applications that are using Oracle Databases are two or three tiered, communication over network is involved. The network and its components are probably the most vulnerable area due to the increased amount of exposure. Network communication layer attacks are usually one of the hardest to detect as the majority of them do not require a direct connection to the database server, but instead are targeted towards the network traffic and the data in flight. In the following chapter we will present some of the most widely used attack and defense techniques against the Oracle network components.

Hijacking an Oracle connection


This connection hijacking scenario and the proxy program used were developed by Laszlo Toth and presented at Hackactivity 2009 (http://soonerorlater.hu/index.khtml?article_id=514).The flash presentation can be viewed at http://soonerorlater.hu/flash/pytnsproxy_1.htm.

This is a classic scenario and example of a man in the middle (MITM) attack in which an interposed attacker hijacks a client connection.

For this scenario we will use three hosts: database server (noderorcl1), Oracle client (nodeorcl5), and attacker host (mitmattack). The scenario will be performed using Oracle 11.0.1.6 Enterprise Edition on all hosts. The attacker host will be configured on a virtual machine running Fedora 11 x 84 (Leonidas # 1 SMP 2.6.29.4-167.fc11.x86_64 Wed May 27 17:27:08 EDT 2009 x86_64 x86_64 x86_64 GNU / Linux). The setting up and configuration of the attacker host, mitmattack, will be covered in this recipe.

Getting ready

Download and install Oracle Enterprise Edition version...

Using OAS network encryption for securing data in motion


Oracle has built-in network encryption methods in its Oracle Advanced Security pack. The main advantage of using OAS encryption instead of other encryption methods is its ability to integrate and work with other Oracle security products such as Oracle Database Firewall and third-party products provided by other vendors such as IBM (InfoSphere Guardium), Imperva, and others. As a disadvantage, being a separate pack, it is expensive and requires licensing.

In case that you use unencrypted network communication, all the data flow from server to client will be sent in clear text. The only exception is the password which is sent in encrypted form during authentication. Packet interception becomes a trivial task if the attacker is located at the right place on the network and the data is transmitted unencrypted. In this recipe we will sniff and analyze the data in flight between nodeorcl5 and nodeorcl1 using Winshark. We will capture the...

Using OAS data integrity for securing data in motion


Using data integrity guarantees that the packets will not be altered during transmission and reception. Data integrity can be used against replay attacks and MITM attacks, where the attacker may send crafted packets to obtain or modify different information from the database. Oracle provides SHA1 and MD5 hash functions for data integrity. Similarly with network encryption, if you want to use data integrity, an OAS license must be purchased. In the following recipe we will configure SHA1 for data integrity and we will demonstrate its utility against the Oracle Hijacking scenario.

Getting ready

The steps from this recipe will be performed on nodeorcl1 and nodeorcl5.

How to do it...

  1. Open the $ORACLE_HOME/network/admin/sqlnet.ora configuration file on nodeorcl1. Similarly with network encryption, data integrity also has desired checksum behavior which can be specified by using SQLNET.CRYPTO_CHECKSUM_SERVER. Set the value to required as follows...

Using OAS SSL network encryption for securing data in motion


In Oracle you also have the possibility to use SSL based encrypted transmission between clients and servers. In this recipe we will introduce Oracle wallets. As its name suggests, an Oracle wallet is a container that can hold certificates, keys, and passwords. These are used primarily for network security operations and in implementing transparent data encryption, a subject that we will cover in Chapter 3, Securing Data at Rest.

Getting ready

In this recipe we will use nodeorcl1 and nodeorcl5.

How to do it...

In this recipe we will introduce Oracle wallets created and managed with the orapki utility.

  1. As the user root the create directories for wallets and assign oracle as the owner on the nodeorcl1 and nodeorcl5 hosts:

    [root@nodeorcl1 ~]# mkdir -p /security/wallets/ssl
    [root@nodeorcl1 ~]# chown -R oracle:oinstall /security/wallets/ssl
    
    [root@nodeorcl5 ~]# mkdir -p /security/wallets/ssl
    [root@nodeorcl5 ~]# chown oraclient:oinstall ...

Encrypting network communication using IPSEC


Internet Protocol Security (IPSEC) is a protocol suite developed to encapsulate security using encryption, integrity, and authentication for Internet Protocol. It operates at the Internet layer of the IP protocol and is currently supported by all major operating systems. IPSEC implementation is suitable from small to large enterprise networks and can be used as an alternative to Oracle Advanced Security encryption. In this recipe we will show how to establish an IPSEC connection between nodeorcl5 and a Windows client. On Red Hat we will use freeswan IPSEC implementation and will configure a test-like setup using prehashed keys.

Getting ready

As a prerequisite, create a new virtual machine and install Windows 7 and Oracle Client 11.2.0.3 on it.

How it works...

We will start this recipe with the Linux IPSEC freeswan configuration.

  1. First, we will configure the participant hosts, encryption algorithms, and the checksum algorithm. Open the freeswan configuration...

Encrypting network communication with stunnel


Stunnel is a program that acts as a proxy that removes, wraps, and encrypts the network communication using SSL thought tunnelling. It is suitable mainly to be used by DBAs for remote database administration or for encrypting communication (log transport) with DataGuard. In this recipe we will encrypt a connection between nodeorcl5 and nodeorcl1 using stunnel.

Getting ready

All steps will be performed on nodeorcl1 and nodeorcl5.

As a prerequisite download and install stunnel from http://www.stunnel.org/downloads.html both on nodeorcl1 and nodeorcl5.

How to do it...

  1. We will start to configure stunnel as a service. Download stunnel_RC_script from http://www.gaztronics.net/rc/stunnel.php and copy it to /etc/init.d.

  2. Next, change the owner permissions for stunnel to root and define it as a service as follows:

    [root@nodeorcl1 stunnel]# chown root:root /etc/init.dstunnel
    [root@nodeorcl1 stunnel]# chkconfig --add stunnel
    
  3. Because stunnel will forward from...

Encrypting network communication using SSH tunneling


In these days ssh is the de facto method for establishing a remote connection to a host. It can also be used to tunnel and encrypt network communication between two hosts. SSH tunneling can be implemented for encrypting network communication between a computer used by a DBA for remote database administration, but is also suitable to be used with Data Guard for encrypting log shipping. In this recipe we will encrypt the network communication between nodeorcl1 and nodeorcl5 using ssh.

Getting ready

All steps will be performed on nodeorcl1 and nodeorcl5.

How to do it...

To use tunneling you must enable ssh port forwarding on the server. Open the /etc/ssh/sshd_conf configuration file and uncomment the following line:

AllowTcpForwarding yes

Save and close the file and restart sshd service as follows:

service sshd restart

  1. To forward the listening port to the ssh port execute the following command:

    [oracle@nodeorcl1 ~]#
    ssh -N -L1530:nodeorcl1:1521...

Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter


Using the set lsnrctl command listener, we may dynamically change and override parameters. An attacker may use this capability for his own advantage by launching a series of DoS attacks against the database. The simplest DoS attack example is to simply stop the listener. Other DoS attacks can be produced by setting the listener trace (for example set listener trace to overwrite system01.dbf - set trc_file '/u01/HACKDB/system01.dbf')or log files to overwrite data files or redo logs, or they can be used to generate scripts in a desired location that may be used later.

Getting ready

All steps will be performed on nodeorcl1.

How to do it...

  1. The format of parameter is ADMIN_RESTRICTION_listener_name. In our case we will disable the fly administration of the listener named LISTENER. Open $ORACLE_HOME/network/admin/listener.ora and enable ADMIN_RESTRICTION_LISTENER as follows:

    ADMIN_RESTRICTION_LISTENER=ON
    
  2. Reload...

Securing external program execution (EXTPROC)


Some database applications can use external dynamic libraries implemented in a language such as C or C++. Usually these external libraries are developed for performance reasons, but they can also represent a major security threat by being replaced with ones that contain malicious code. Therefore this feature must be used with maximum precaution.

The listener process allows executing external programs using a dedicated program named extproc, which is located by default at $ORACLE_HOME/bin. The access to these external libraries can be configured within the listener configuration file listener.ora.

The following is a configuration example from listener.ora that allows executing a specific library:

  (SID_LIST =
    (SID_DESC =
      (SID_NAME = CLRExtProc)
      (ORACLE_HOME = /u01/app/oracle/product/11.2.0/db/)
      (PROGRAM = extproc)
      (ENVS = "EXTPROC_DLLS=ONLY:/home/oracle/appclrso.so")
    )
  )

The corresponding entry for extproc from...

Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter


The usage of the valid node checking security feature is very similar to the TCP wrappers presented in Chapter 1, Operating System Security. Using this capability, you can deny or the allow connecting clients based on IP address or hostname.

Getting ready

All steps will be performed on nodeorcl1.

How to do it...

  1. Open $ORACLE_HOME/network/admin/sqlnet.ora and enable valid node checking by setting TCP.VALIDNODE_CKECINK as follows:

    TCP.VALIDNODE_CHECKING=ON
    
  2. Next, you can establish the hosts that will be allowed to connect by setting the TCP.INVITED_NODES parameter as follows:

    TCP.INVITED_NODES= {nodeorcl5}
    
  3. After you add the invited nodes you must reload the listener configuration.

    lsnrctl reload
    
  4. If we want to establish a connection from a node that is not included in the invited node list, the ORA-12537: TNS:connection closed error will be thrown as follows:

    oraclient@nodeorcl2:~> sqlplus hr/hr@HCKDB
    
    SQL...
Left arrow icon Right arrow icon

Key benefits

  • Learn to protect your sensitive data by using industry certified techniques
  • Implement and use ultimate techniques in Oracle Security and new security features introduced in Oracle 11g R2
  • Implement strong network communication security using different encryption solutions provided by Oracle Advanced Security

Description

For almost all organizations, data security is a matter of prestige and credibility. The Oracle Database is one of the most rich in features and probably the most used Database in a variety of industries where security is essential. To ensure security of data both in transit and on the disk, Oracle has implemented the security technologies to achieve a reliable and solid system. In Oracle 11g Anti-Hacker's Cookbook, you will learn about the most important solutions that can be used for better database security."Oracle 11g Anti-hacker's Cookbook" covers all the important security measures and includes various tips and tricks to protect your Oracle Database."Oracle 11g Anti-hacker's Cookbook" uses real-world scenarios to show you how to secure the Oracle Database server from different perspectives and against different attack scenarios. Almost every chapter has a possible threads section, which describes the major dangers that can be confronted. The initial chapters cover how to defend the operating system, the network, the data and the users. The defense scenarios are linked and designed to prevent these attacks. The later chapters cover Oracle Vault, Oracle VPD, Oracle Labels, and Oracle Audit. Finally, in the Appendices, the book demonstrates how to perform a security assessment against the operating system and the database, and how to use a DAM tool for monitoring.

Who is this book for?

If you are an Oracle Database Administrator, Security Manager or Security Auditor looking to secure the Oracle Database or prevent it from being hacked, then this book is for you.This book assumes you have a basic understanding of security concepts.

What you will learn

  • Get to grips with configuring a secure server at operating system level for Oracle Database
  • Master how to secure data by using Oracle Cryptographic API and Transparent Data Encryption
  • Get step-by-step instructions to implement a solid audit strategy by using the built in solutions and fine grained auditing
  • Understand how to segregate and protect data access by using Oracle Vault
  • Learn about different types of attacks and how to implement a solid defence against them
  • Empathize the attacks and interceptions by using different techniques and tools such as sniffing, man-in-the-middle, brute force and password crackers.
Estimated delivery fee Deliver to Netherlands

Premium delivery 7 - 10 business days

€17.95
(Includes tracking information)

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Oct 25, 2012
Length: 302 pages
Edition : 1st
Language : English
ISBN-13 : 9781849685269
Vendor :
Oracle
Category :
Languages :

What do you get with Print?

Product feature icon Instant access to your digital eBook copy whilst your Print order is Shipped
Product feature icon Paperback book shipped to your preferred address
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
OR
Modal Close icon
Payment Processing...
tick Completed

Shipping Address

Billing Address

Shipping Methods
Estimated delivery fee Deliver to Netherlands

Premium delivery 7 - 10 business days

€17.95
(Includes tracking information)

Product Details

Publication date : Oct 25, 2012
Length: 302 pages
Edition : 1st
Language : English
ISBN-13 : 9781849685269
Vendor :
Oracle
Category :
Languages :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 140.97
Oracle 11g Anti-hacker's Cookbook
€45.99
Oracle Database 11gR2 Performance Tuning Cookbook
€45.99
Oracle Database 12c Backup and Recovery Survival Guide
€48.99
Total 140.97 Stars icon
Banner background image

Table of Contents

8 Chapters
Operating System Security Chevron down icon Chevron up icon
Securing the Network and Data in Transit Chevron down icon Chevron up icon
Securing Data at Rest Chevron down icon Chevron up icon
Authentication and User Security Chevron down icon Chevron up icon
Beyond Privileges: Oracle Virtual Private Database Chevron down icon Chevron up icon
Beyond Privileges: Oracle Label Security Chevron down icon Chevron up icon
Beyond Privileges: Oracle Database Vault Chevron down icon Chevron up icon
Tracking and Analysis: Database Auditing Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Full star icon 5
(5 Ratings)
5 star 100%
4 star 0%
3 star 0%
2 star 0%
1 star 0%
LewisC Nov 21, 2012
Full star icon Full star icon Full star icon Full star icon Full star icon 5
I'm not usually a big fan of technical cookbooks. Usually the books will only have one or two useful routines. If a person is a programmer, the book will be from their body of knowledge. If they are DBA, it will be from the administration side. Either of these tends to limit the breadth of a cookbook. That's like a cooking cookbook with no soup section. I like soup. I want soup. Now I'm hungry.This book is quite a bit different. To start off, the author is certified in DB2 and Oracle as an adminstrator (which, for security is more important than a programming background). However, the author is also certified as a system administrator. In an anti-hacking cookbook, that is critical. If you don't secure your perimeter, everything else will be a lot easier to crack.Here is his bio from the book:Adrian Neagu has over ten years of experience as a database administrator, mainly with DB2 and Oracle databases. He is an Oracle Certified Master 10g, Oracle Certified Professional 9i, 10g, and 11g, IBM DB2 Certified Administrator version 8.1.2 and 9, IBM DB2 9 Advanced Certified Administrator 9, and Sun Certified System Administrator Solaris 10. He is an expert in many areas of database administration such as performance tuning, high availability, replication, backup, and recovery.The book itself is not a huge tome. It weighs in at 302 pages. You can view the second chapter, Securing the Network and Data in Transit, for free.I was already very familiar with the topics covered in Chapters 3 through 5 and Chapter 8. The other chapters provided me with some new information. I'm glad I got to learn from this book.Like any good cookbook, the steps you take are outlined in plenty of depth. As an example, Chapter 1 will take you through installing and testing Tripewire, an intrusion detection system. I've never used Tripwire and the book makes installing it and understanding what is does fairly easy. The thing to remember is that this is not a technical reference book. You won't learn concepts or even advanced concepts except as they relate to understanding the steps in the recipes.One more note on chapter 1. I did not know you could set a file to be immutable. That is very cool.The step by step guide to hack an Oracle connection is also pretty cool. It not only shows you how to do it and how to protect it but also exactly how it works.The book is very easy to read and follow (providing the concepts are not brand new to you). This book won't make you a security expert but by following the steps, you will have a more secure environment. That's a good thing for everyone.The book uses redhat for the 11g database server. Most of the stuff covered can be used on any OS with little or no changes. The OS specific stuff will of course need to be changed. Once you get to Chapter 3, it's all database related anyway.All in all, this is a good read. If you are responsible for the security of a database, it should be a mandatory read. If you are curious about how someone could hack your system and how to protect yourself from those hackers, this is a great book for your bookshelf. I'm glad it is on mine now.
Amazon Verified review Amazon
Stanley Nov 24, 2012
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The number of security threats related to operating systems and databases are increasing every day, and this trend is expected to continue.In this book, many recipes are provided to show how these security risks could be mitigated or reduced. To sum up, recipes can be classified into general or Oracle specific security measures. For example, to confront different interception-type attacks, you can use either Oracle Advanced Security encryption and integrity, or alternatives such as IPSEC, stunnel, and SSH tunneling.For general measures, topics such as "OS security" and "Securing the network and data in transit" are covered in Chapter 1 and 2. Starting from Chapter 3, security measures using Oracle products start emerging, which includes the following:* Oracle RMAN* Oracle Enterprise Manager* Oracle Virtual Private Database* Oracle Label Security* Oracle Database Vault* Oracle Audit* Oracle Cryptographic API* Oracle WalletsOther RecommendationsIn the book, it also make suggestions such as:* You should implement data audits to detect the origin of the attack or the source of the inappropriate data access or modification* You should develop and implement appropriate alerting systems to proactively detect and prevent attacks on systems and data* You should test these security measures first before their final deployment* You should perform security assessments regularly on your system
Amazon Verified review Amazon
Ioan Pop Jun 10, 2014
Full star icon Full star icon Full star icon Full star icon Full star icon 5
It covers OS and Oracle database security. The 2 types of security have to go hand in hand to make for a really secure database.Thank you for your work.
Amazon Verified review Amazon
hum802 Apr 30, 2013
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Book is very good for the DBA.But it also depends on the System Administrator (if one exists in your corporation) to fully implement the ideas used in the book. DBA may not have full access to the OS to implement everything.Also, DBA needs to have a very good understanding of the OS like linux for instance to fully understand what's being done.Every DBA should read this book. I would recommend to a friend.
Amazon Verified review Amazon
Bert Scalzo Dec 11, 2012
Full star icon Full star icon Full star icon Full star icon Full star icon 5
The Oracle 11g Anti-hacker's Cookbook covers an impressive breadth and depth of database security topics. No stone is left unturned. Plus quite uniquely the author fully explains every potential database security risk, demonstrates how to perform the hacks being protected against, and then of course how to mitigate or prevent them. Moreover the author covers advanced Oracle security features, including virtual private databases, label security and database vault. The overall result is an incredible book that should become any DBA's go to reference for any and all things related to Oracle database security.
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is the delivery time and cost of print book? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela
What is custom duty/charge? Chevron down icon Chevron up icon

Customs duty are charges levied on goods when they cross international borders. It is a tax that is imposed on imported goods. These duties are charged by special authorities and bodies created by local governments and are meant to protect local industries, economies, and businesses.

Do I have to pay customs charges for the print book order? Chevron down icon Chevron up icon

The orders shipped to the countries that are listed under EU27 will not bear custom charges. They are paid by Packt as part of the order.

List of EU27 countries: www.gov.uk/eu-eea:

A custom duty or localized taxes may be applicable on the shipment and would be charged by the recipient country outside of the EU27 which should be paid by the customer and these duties are not included in the shipping charges been charged on the order.

How do I know my custom duty charges? Chevron down icon Chevron up icon

The amount of duty payable varies greatly depending on the imported goods, the country of origin and several other factors like the total invoice amount or dimensions like weight, and other such criteria applicable in your country.

For example:

  • If you live in Mexico, and the declared value of your ordered items is over $ 50, for you to receive a package, you will have to pay additional import tax of 19% which will be $ 9.50 to the courier service.
  • Whereas if you live in Turkey, and the declared value of your ordered items is over € 22, for you to receive a package, you will have to pay additional import tax of 18% which will be € 3.96 to the courier service.
How can I cancel my order? Chevron down icon Chevron up icon

Cancellation Policy for Published Printed Books:

You can cancel any order within 1 hour of placing the order. Simply contact customercare@packt.com with your order details or payment transaction id. If your order has already started the shipment process, we will do our best to stop it. However, if it is already on the way to you then when you receive it, you can contact us at customercare@packt.com using the returns and refund process.

Please understand that Packt Publishing cannot provide refunds or cancel any order except for the cases described in our Return Policy (i.e. Packt Publishing agrees to replace your printed book because it arrives damaged or material defect in book), Packt Publishing will not accept returns.

What is your returns and refunds policy? Chevron down icon Chevron up icon

Return Policy:

We want you to be happy with your purchase from Packtpub.com. We will not hassle you with returning print books to us. If the print book you receive from us is incorrect, damaged, doesn't work or is unacceptably late, please contact Customer Relations Team on customercare@packt.com with the order number and issue details as explained below:

  1. If you ordered (eBook, Video or Print Book) incorrectly or accidentally, please contact Customer Relations Team on customercare@packt.com within one hour of placing the order and we will replace/refund you the item cost.
  2. Sadly, if your eBook or Video file is faulty or a fault occurs during the eBook or Video being made available to you, i.e. during download then you should contact Customer Relations Team within 14 days of purchase on customercare@packt.com who will be able to resolve this issue for you.
  3. You will have a choice of replacement or refund of the problem items.(damaged, defective or incorrect)
  4. Once Customer Care Team confirms that you will be refunded, you should receive the refund within 10 to 12 working days.
  5. If you are only requesting a refund of one book from a multiple order, then we will refund you the appropriate single item.
  6. Where the items were shipped under a free shipping offer, there will be no shipping costs to refund.

On the off chance your printed book arrives damaged, with book material defect, contact our Customer Relation Team on customercare@packt.com within 14 days of receipt of the book with appropriate evidence of damage and we will work with you to secure a replacement copy, if necessary. Please note that each printed book you order from us is individually made by Packt's professional book-printing partner which is on a print-on-demand basis.

What tax is charged? Chevron down icon Chevron up icon

Currently, no tax is charged on the purchase of any print book (subject to change based on the laws and regulations). A localized VAT fee is charged only to our European and UK customers on eBooks, Video and subscriptions that they buy. GST is charged to Indian customers for eBooks and video purchases.

What payment methods can I use? Chevron down icon Chevron up icon

You can pay with the following card types:

  1. Visa Debit
  2. Visa Credit
  3. MasterCard
  4. PayPal
What is the delivery time and cost of print books? Chevron down icon Chevron up icon

Shipping Details

USA:

'

Economy: Delivery to most addresses in the US within 10-15 business days

Premium: Trackable Delivery to most addresses in the US within 3-8 business days

UK:

Economy: Delivery to most addresses in the U.K. within 7-9 business days.
Shipments are not trackable

Premium: Trackable delivery to most addresses in the U.K. within 3-4 business days!
Add one extra business day for deliveries to Northern Ireland and Scottish Highlands and islands

EU:

Premium: Trackable delivery to most EU destinations within 4-9 business days.

Australia:

Economy: Can deliver to P. O. Boxes and private residences.
Trackable service with delivery to addresses in Australia only.
Delivery time ranges from 7-9 business days for VIC and 8-10 business days for Interstate metro
Delivery time is up to 15 business days for remote areas of WA, NT & QLD.

Premium: Delivery to addresses in Australia only
Trackable delivery to most P. O. Boxes and private residences in Australia within 4-5 days based on the distance to a destination following dispatch.

India:

Premium: Delivery to most Indian addresses within 5-6 business days

Rest of the World:

Premium: Countries in the American continent: Trackable delivery to most countries within 4-7 business days

Asia:

Premium: Delivery to most Asian addresses within 5-9 business days

Disclaimer:
All orders received before 5 PM U.K time would start printing from the next business day. So the estimated delivery times start from the next day as well. Orders received after 5 PM U.K time (in our internal systems) on a business day or anytime on the weekend will begin printing the second to next business day. For example, an order placed at 11 AM today will begin printing tomorrow, whereas an order placed at 9 PM tonight will begin printing the day after tomorrow.


Unfortunately, due to several restrictions, we are unable to ship to the following countries:

  1. Afghanistan
  2. American Samoa
  3. Belarus
  4. Brunei Darussalam
  5. Central African Republic
  6. The Democratic Republic of Congo
  7. Eritrea
  8. Guinea-bissau
  9. Iran
  10. Lebanon
  11. Libiya Arab Jamahriya
  12. Somalia
  13. Sudan
  14. Russian Federation
  15. Syrian Arab Republic
  16. Ukraine
  17. Venezuela