Intro to Database Security – Part 5

In the previous parts I talked about security of the application and infrastructure layer of database security. This will be the last post in the series and I want to dedicated it to a very important topic that is not a database only issue – passwords.

Links to the previous posts:
Part 1 – general introduction to security
Part 2 – introduction to database security
Part 3 – infrastructure aspect of database security
Part 4 – application aspect of database security

Continue reading

Bypassing the Listener

The listener is the first contact we make in order to connect to the Oracle database. Therefore, as DBAs, it is also the front-end component we can secure. There are a few ways to secure the listener, and I’ll name some later.
When hackers look for an entry point to our database, any process that listens on the network and is related to Oracle is a target. The listener, in this scenario, is the first candidate, as it is the main process that listens to network connections, but is the listener the only one?
Continue reading