[39357] in bugtraq
Re: Oracle Question Slightly OT
daemon@ATHENA.MIT.EDU (Joshua Wright)
Wed Jun 29 19:25:21 2005
Message-ID: <42C2FAF0.3050905@hasborg.com>
Date: Wed, 29 Jun 2005 15:48:00 -0400
From: Joshua Wright <jwright@hasborg.com>
MIME-Version: 1.0
To: "Ginski, Richard J." <rginski@co.pinellas.fl.us>
Cc: bugtraq@securityfocus.com
In-Reply-To: <7FCE473840E74747AE1E65C2E53E3DE721271D@ENTPCMAIL1.pinellascounty-fl.gov>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ginski, Richard J. wrote:
> ... have yet to find a best practices document for securing Oracle
> databases. Am I missing something?
Two excellent resources for securing Oracle databases includes the
Center for Internet Security benchmark (www.cisecurity.org) and the
"Securing Oracle: Step-by-Step" book at the SANS School Store
(https://store.sans.org/store_item.php?item=80).
Also, the SANS Institute recently started offering a 6-day class on
Securing Oracle database written by Oracle security expert Pete
Finnigan. More information is available at
http://www.sans.org/washington2005/description.php?tid=168.
I've also been very happy with "Oracle Security Handbook" by Theriault
and Newman (although a bit dated now) and "Effective Oracle Database 10g
Security by Design" by Knox (both published by Oracle Press).
NB: I work for the SANS Institute, and I am an instructor for the
Securing Oracle class.
- -Josh
- --
- -Joshua Wright
jwright@hasborg.com
2005-2006 pgpkey: http://802.11ninja.net/pgpkey.htm
fingerprint: F00E 7A42 8375 0C55 964F E5A4 4D2F 22F6 3658 A4BF
Today I stumbled across the world's largest hotspot. The SSID is "linksys".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCwvrvTS8i9jZYpL8RAnlhAJ48Opq1+n4hZhY9kEHtJayZFrObegCeNw6+
BTtH2+4tI/4n9m49stcFv5A=
=sIEl
-----END PGP SIGNATURE-----
