Re: Back and a Question

Hi

You also have this, http://www.red-database-security.com

The first thing I would do is audit access to dba_users view :-P

With the information from dba_users you can easily obtain 6 character password in 30 minutes or so

On 8/15/06, Anjo Kolk <anjo.kolk_at_oraperf.com> wrote:
>
> http://www.Lumigent.com <http://www.lumigent.com/>
> http://www.appsecinc.com
> http://www.insight-tec.com/en/
>
> These are a few (and if other people know more let me know) companies that
> do DB security in one way or another.
>
> Sure there are people that can do a scan of the environment, but isn't
> that an one time action and shouldn't people be more involved with security
> on an ongoing basis?
>
>
> Anjo.
>
>
> On 8/15/06, ryan_gaffuri_at_comcast.net <ryan_gaffuri_at_comcast.net> wrote:
> >
> > what products check for DB security? I believe there is a whole
> > security IT sector with people who come into companies and look for holes in
> > their software. Is that the same thing?
> >
> >
> > -------------- Original message --------------
> > From: "Anjo Kolk" < anjo.kolk_at_oraperf.com>
> > So I made it back on the list, I have a question for you all about DB
> > security. There seems to be a lot of talk about DB security, but not a lot
> > of action. Is that true, and if it is true why don't customers act? There
> > are products out there to check for DB security, how are they doing? Does
> > any body on this list use them?
> >
> > Please share your thoughts and comments,
> >
> > --
> > Anjo Kolk
> > Owner and Founder OraPerf Projects
> > tel: +31-577-712000
> > mob: +31-6-55340888
> >
> >
>
>
> --
> Anjo Kolk
> Owner and Founder OraPerf Projects
> tel: +31-577-712000
> mob: +31-6-55340888
>

--
http://www.freelists.org/webpage/oracle-l