Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Database Security over the Net

Re: Database Security over the Net

From: Martin Hepworth <maxsec_at_totalise.co.uk>
Date: 2000/04/14
Message-ID: <38F6D4EF.6F46194F@totalise.co.uk>#1/1 






Frank wrote:


> 

> I am looking for ways to secure a database that is being used over the net.

> I'm new to this topic and need recommendations on where to start.  In terms

> of getting to a database on the "clean" side of a server, is there any

> settings in the TNSNAMES.ora that allows you to get to the "dirty" side then

> loop to the "clean side" ?

> 

> Thanks,

> Frank




HI


first of all you'll need to configure the firewall to let the right
ports through and I'd make sure any access is strongly authenticated,
maybe via SecurID or similar at the firewall.



Think about the risks of accessing the _data_ (not just the RDBMS) over
the internet and what you can do to reduce the risks - theres and RFC
and  CERT advisory on this sort of thing. 



Martin
Received on Fri Apr 14 2000 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US