Table of Contents
Items found: 239

Part 1: Security Overview and History
  Chapter 1: Oracle Security History
  Chapter 2: Current State of the Art
    Google Hacking tnsnames.ora
    Attacking without tnsnames.ora
    Attacking the Standby Database
    Attacking the Backups
    Brute Force Remotely Over the Network
    Attacking the SYS Account
    TNS Poison Proxy Attack
    Privilege Escalation
    Database Link Security
  Chapter 3: Extrapolating Current Trends
    GPU-Supported Password Cracking
    Strong Password Philosophy
    Raising the Decryption Bar
    Moving to the Cloud
    Ensuring Replication Security
    General Trends
    Into the Future

Part 2: Defense Cookbook
  Chapter 4: Managing Users in Oracle
    User Management Limitations
    Controlling System Privilege Usage by Wrapping
    Wrapping Alter User
    Grant Schema Wide
    Time-based Privileges
    UM_STATUS
    Bypassing User Management Controls
    Access to User Password Information
    LAST_LOGIN
  Chapter 5: Oracle Vulnerability Scanning
    Retrospective
    Tools of the Trade
    Penetration Testing
    Reviewing the Results
    Additional Protection
    Permissions
  Chapter 6: Centralized Native Auditing and IPS
    The Unified Audit Trail
    A Centralized Syslog
    Management and Reporting
    Searching the Audit Trail
    Ongoing Maintenance
    Alerting to Syslog Content
    Native Intrusion Prevention
  Chapter 7: Pluggable Database Primer
    Reasons for Pluggable Databases
    Simple View of 12c Container Structure
    Understanding Users and Roles in 12c
    Creating Common Roles
    Switching Containers
    Cloning the Seed Database
    Pluggable DB Commands
    Upgrading to 12c Multi-tenancy

Part 3: Security in the 12c Release
  Chapter 8: New Security Features in 12C
    Data Redaction
    Database Auditing
    Context of the Changes to Audit Trail in 12c
    Actual 12c Release Audit Trail
    Privilege Analysis
    Transparent Sensitive-Data Protection
    Transparent Data Encryption
    Database Vault
    Database Application Security Architecture
    Definer's Roles
    SELECT ANY DICTIONARY Privilege
    Breaking Up SYSDBA Privilege
    12c Miscellaneous Security Improvements
    Security Features Not in 12c
  Chapter 9: Design Flaws, Fixed and Remaining in 12C
    Remote SYS Brute-Force Attacks
    Default Account Attacks
    Privilege Escalation through Public Privileges
    Public Privileges
    Definer's Roles
    SYSDBA Phishing
    Database Link Issues
    Passwords
    OS Access from the DB
    Privilege Escalation to SYSDBA
    Privilege Extension
  Chapter 10: Security Issues in 12c
    Segregated Groups of User Privilege
    DBMS_ADVISOR Directory Privileges
    GRANT ANY OBJECT PRIVILEGE Control Bypass
    Redaction Bypasses
    12c Passwords and Cryptography
    DBlink Decryption in 12c
    Network Authentication Decryption in 12c
    Phishing for SYSDBA
  Chapter 11: Advanced Defense and Forensic Response
    Controlling the PUBLIC Role
    State-Checking Query
    OS Checksum Automation
    Securing the DB from the OS
    Controlling Database Link Permissions
    Enterprise Manager and Cloud Control Security
    Oracle Forensics
    History of Oracle Forensics
    Laws Pertaining to Database Forensics and Computer Security
    Generic Forensic Response Process
    External Sources of Metadata
    Audit Trail as a Source of Evidential Metadata
    Other Internal Records
    Integrity State-Checking of Database Objects

Part 4: Security in Consolidation
  Chapter 12: Privileged Access Control Foundations
    Privileged Access Control Fundamentals
    Multi-Layer Security
    MAC and DAC
    Trusted Components
    Oracle Access Control
    Business Drivers for Focus on Privileged Access Control
    Social Engineering Attacks
    Human Error Vs. Malfeasance
    Data-breach Realities
    Data Vs Process
    Consolidation as PAC Driver
  Chapter 13: Privileged Access Control Methods
    Surveying Products in the Marketplace
    Accounts under Privileged Access Control
    SYS Account
    Schema-Owning Accounts
    Handling Compromised Checksummer
    Segregation of Duty (SoD)
    Privilege Escalation
    Privileged Access Control Structures
    Password Hub
    Terminal Hub Systems
    Generic Security Issues with Hub PAC Servers
    External DBA Access
    Pros and Cons of Terminal Hub
    Four-Eye "Extreme" Database Administration
    Non-Human Application Account Management
    Resistance to Passing Privilege Power to PAC Servers
    OPAM
    Break-Glass Access Control Systems
  Chapter 14: Securing Privileged Access Control Systems
    Privilege Access Control Communications
    OCI New Password
    Perl Pre-Hash Generation
    Oracle Network Encryption
    Privileged Access Control's Achilles' Heel
    Database Vault
    Splitting SYS at the OS in 12c
    Native Auditing and Security Monitoring
    Unix Access to Oracle
    Unix Access to SYS in 12c
  Chapter 15: Rootkit Checker and Security Monitoring
    Detecting First-Generation Rootkits
    Root Verification of Checksummer Integrity
    Further Work
    Detecting Second-Generation Rootkits
    Oracle Binary Integrity
    Third-Generation In-Memory Rootkits
    Pinned Backdoor Packages in the SGA
    Deleted User Still in the SGA
    Detecting Oradebug Usage
    Meterpreter-Style in Memory Backdoor
    Unix Privileged Access Control
    Capabilities and Root
    Self-replicating Rootkits
    .bsq Files
    The Seed Database

Part 5: Architectural Risk Management
  Chapter 16: Oracle Security Architecture Foundations
    EM12c Architectural Control
    Why Do We Need Architectural Thinking?
    Security Architecture Theory
    TOGAF Architecture Development Process
    SABSA Security Architecture Framework
    Organizational Risk Reduction
    Organizational Risk Incentive
    Compliance and Audit
  Chapter 17: Enterprise Manager 12C as a Security Tool
    EM12c Introduction and General Usage
    Comparisons
    Using EM12c to Secure Your DB Estate
    Certified Templates
    Oracle-Provided Templates
    OS Administration in EM12c
    Running Host OS Commands from EM
    Directly Edit the Password File?
    Named Credentials Listed
    Detail of a DB-Named Credential
    Detail of an OS-Named Credential
    EXECMD Numbers
    Immutable EXECMD Log
    Historic Command Listing
    Immutable Log of Command
    Incidents
    Security Configurations on the Target
    Option-Pack Listing in EM
    Compliance Library
    Facets—State-checking within EM CC
    State-checking glogin.sql Using a Facet
    EM12c Reports
    Create a Job in EM
    Using EM to Patch the DB Estate
    Message from Oracle Regarding Patching
    Instructions for Offline Patching
  Chapter 18: Defending Enterprise Manager 12C
    Securing Availability
    Securing Network Communications
    Confirming EM Network Encryption
    Enterprise Manager Users, Roles, and Privileges
    Administrators in Cloud Control
    EM User Roles
    Super Administrators
    Security Issues Exposed
    Hacking the Repository
    Defending the Repository
    PUBLIC for EM reports
    Adaptive Delay Triggered by Failed Logins
    Applying a Corrective Action
  Chapter 19: "The Cloud" and Privileged Access
    Historical Context to the Cloud
    What Is the Cloud?
    Benefits of Cloud Computing
    Issues Agreeing and Implementing Cloud
    Latency Testing
    Moving to Oracle Cloud with EM12c
    EM12c Consolidation Planner
    Privileged Access Control in the Cloud with EM12c and PowerBroker
    Identity Management in the Cloud
  Chapter 20: Management and Conclusions
    Topics Not Covered—Future Work
    Cloud Identity Management
    Enterprise User Security (EUS)
    Engineered Systems
    Big Data
    BTRFS
    Future Learning Sources
    Managing Change
    Multi-tenant Future?
    Conclusions

Index