In article [EMAIL PROTECTED], nelson flores
[EMAIL PROTECTED] writes
Something important to take into account when talking about security, is
the problem with if you don't know it's happening you can't stop it...
..
Remember to read/analyze logs for unusual stuff (Oracle or FW logs)...
preferably
Hi Paula,
Paul and Steve have given some good ideas on this but also you should
lock down the database as hard as you can. Even if the database is only
accessed via the application server its data is still available from the
internet. Issues such as SQL Injection and cross site scripting can come
Something important to take into account when talking about security, is
the problem with if you don't know it's happening you can't stop it...
..
Remember to read/analyze logs for unusual stuff (Oracle or FW logs)...
preferably with an IDS, as it makes the job of finding out whether you
have a
Guys,
Any good doc. on securing data on database on internal network behind firewall with an
application server accessing it in the DMZ. I am thinking Advanced security but would
appreciate something on this subject. I have stored some documents on security from
previous strings but cannot
--- [EMAIL PROTECTED] wrote:
Guys,
Any good doc. on securing data on database on
internal network behind firewall with an application
server accessing it in the DMZ. I am thinking
Advanced security but would appreciate something on
this subject. I have stored some documents on
security
Running Oracle 9i and Solaris 2.9.
It appears to me that the solution can be hardware based or Oracle based then. Which
brings up questions about cost versus administration versus reliability. Hmmm.
-Original Message-
Paul Drake
Sent: Friday, January 09, 2004 12:49 PM
To: Multiple
Is all SQL*Net traffic between the app server and the database server?
In other words, is all traffic secure where packets cannot be sniffed?
Or do you need to encrypt the SQL query result set data going from the
server to an unknown client? I believe that's what Oracle Advanced
Security gives