Table of Contents
Items found: 75

Preface

Chapter 1: Operating System Security
  Introduction
  Using Tripwire for file integrity checking
  Using immutable files to prevent modifications
  Closing vulnerable network ports and services
  Using network security kernel tunables to protect your system
  Using TCP wrappers to allow and deny remote connections
  Enforcing the use of strong passwords and restricting the use of previous passwords
  Restricting direct login and su access
  Securing ssh login

Chapter 2: Securing the Network and Data in Transit
  Introduction
  Hijacking an Oracle connection
  Using OAS network encryption for securing data in motion
  Using OAS data integrity for securing data in motion
  Using OAS SSL network encryption for securing data in motion
  Encrypting network communication using IPSEC
  Encrypting network communication with stunnel
  Encrypting network communication using SSH tunneling
  Restricting the fly listener administration using the ADMIN_RESTRICTION_LISTENER parameter
  Securing external program execution (EXTPROC)
  Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter

Chapter 3: Securing Data at Rest
  Introduction
  Using block device encryption
  Using filesystem encryption with eCryptfs
  Using DBMS_CRYPTO for column encryption
  Using Transparent Data Encryption for column encryption
  Using TDE for tablespace encryption
  Using encryption with data pump
  Using encryption with RMAN

Chapter 4: Authentication and User Security
  Introduction
  Performing a security evaluation using Oracle Enterprise Manager
  Using an offline Oracle password cracker
  Using user profiles to enforce password policies
  Using secure application roles
  How to perform authentication using external password stores
  Using SSL authentication

Chapter 5: Beyond Privileges: Oracle Virtual Private Database
  Introduction
  Using session-based application contexts
  Implementing row-level access policies
  Using Oracle Enterprise Manager for managing VPD
  Implementing column-level access policies
  Implementing VPD grouped policies
  Granting exemptions from VPD policies

Chapter 6: Beyond Privileges: Oracle Label Security
  Introduction
  Creating and using label components
  Defining and using compartments and groups
  Using label policy privileges
  Using trusted stored units

Chapter 7: Beyond Privileges: Oracle Database Vault
  Introduction
  Creating and using Oracle Database Vault realms
  Creating and using Oracle Vault command rules
  Creating and using Oracle Database Vault rulesets
  Creating and using Oracle Database Vault factors
  Creating and using Oracle Database Vault reports

Chapter 8: Tracking and Analysis: Database Auditing
  Introduction
  Determining how and where to generate audit information
  Auditing sessions
  Auditing statements
  Auditing objects
  Auditing privileges
  Implementing fine-grained auditing
  Integrating Oracle audit with SYSLOG
  Auditing sys administrative users

Appendix: Installing and Configuring Guardium, ODF, and OAV