Oracle 12.2 Cool New Features

As you know, Oracle Open World is over (for me at least), and one of the major topics there was Oracle 12cR2 (or 12.2). It looks like a really cool version, the downside is that is currently available on Oracle cloud only. We are all waiting for the on-premise release so we can install and play with it.

Continue reading “Oracle 12.2 Cool New Features”

Intro to Database Security – Part 5

In the previous parts I talked about security of the application and infrastructure layer of database security. This will be the last post in the series and I want to dedicated it to a very important topic that is not a database only issue – passwords.

Links to the previous posts:
Part 1 – general introduction to security
Part 2 – introduction to database security
Part 3 – infrastructure aspect of database security
Part 4 – application aspect of database security

Continue reading “Intro to Database Security – Part 5”

Intro to Database Security – Part 4

In the previous parts I talked about database security and the infrastructure part of database security. In this post I will discuss the development aspect of the database.

Links to the previous posts:
Part 1 – general introduction to security
Part 2 – introduction to database security
Part 3 – infrastructure aspect of database security

Continue reading “Intro to Database Security – Part 4”

Intro to Database Security – Part 3

In the previous parts I talked about introduction to the security world and database security. In this post I will dive into the infrastructure aspect of the database.

Links to the previous posts:
Part 1 – general introduction to security
Part 2 – introduction to database security

Continue reading “Intro to Database Security – Part 3”

Intro to Database Security – Part 2

In part 1 I talked about introduction to the security world and important terms. In this post I will introduce database security, what it means and what we can do about it.

Link to the previous post: part 1 – general introduction to security

Continue reading “Intro to Database Security – Part 2”

Intro to Database Security – Part 1

One of our main lines of business at DBAces is security and database security. Besides that, security is a very interesting topic and I love it. So I decided to start a series of posts about security in general (as an overview) and database security specifically.

Continue reading “Intro to Database Security – Part 1”

Bypassing the Listener

The listener is the first contact we make in order to connect to the Oracle database. Therefore, as DBAs, it is also the front-end component we can secure. There are a few ways to secure the listener, and I’ll name some later.
When hackers look for an entry point to our database, any process that listens on the network and is related to Oracle is a target. The listener, in this scenario, is the first candidate, as it is the main process that listens to network connections, but is the listener the only one?
Continue reading “Bypassing the Listener”