As you know, Oracle Open World is over (for me at least), and one of the major topics there was Oracle 12cR2 (or 12.2). It looks like a really cool version, the downside is that is currently available on Oracle cloud only. We are all waiting for the on-premise release so we can install and play with it.
In the previous parts I talked about security of the application and infrastructure layer of database security. This will be the last post in the series and I want to dedicated it to a very important topic that is not a database only issue – passwords.
Links to the previous posts:
Part 1 – general introduction to security
Part 2 – introduction to database security
Part 3 – infrastructure aspect of database security
Part 4 – application aspect of database security
In the previous parts I talked about database security and the infrastructure part of database security. In this post I will discuss the development aspect of the database.
In the previous parts I talked about introduction to the security world and database security. In this post I will dive into the infrastructure aspect of the database.
In part 1 I talked about introduction to the security world and important terms. In this post I will introduce database security, what it means and what we can do about it.
Link to the previous post: part 1 – general introduction to security
One of our main lines of business at DBAces is security and database security. Besides that, security is a very interesting topic and I love it. So I decided to start a series of posts about security in general (as an overview) and database security specifically.
The listener is the first contact we make in order to connect to the Oracle database. Therefore, as DBAs, it is also the front-end component we can secure. There are a few ways to secure the listener, and I’ll name some later.
When hackers look for an entry point to our database, any process that listens on the network and is related to Oracle is a target. The listener, in this scenario, is the first candidate, as it is the main process that listens to network connections, but is the listener the only one?
Continue reading “Bypassing the Listener”