In article <[EMAIL PROTECTED]>, nelson flores <[EMAIL PROTECTED]> writes >Something important to take into account when talking about security, is >the problem with "if you don't know it's happening you can't stop it..." >.. >Remember to read/analyze logs for unusual stuff (Oracle or FW logs)... >preferably with an IDS, as it makes the job of finding out whether you >have a security breach a whole lot easier. > >
Good point, the checklists on my site also talk about Oracle auditing - I have a paper on auditing and also my paper "detecting SQL injection on Oracle" (http://www.petefinnigan.com/orasec.htm) talks about some ideas for trapping actions such as SQL Injection. As you also say analysing firewall logs with or without an IDS is also very important. Kind regards Pete -- Pete Finnigan email:[EMAIL PROTECTED] Web site: http://www.petefinnigan.com - Oracle security audit specialists Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Pete Finnigan INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
