Re: Fw: OT - Getting fired for database oops
- From: Nuno Souto <dbvision@xxxxxxxxxxxx>
- Date: Thu, 28 May 2009 22:55:26 +1000
Frits Hoogland wrote,on my timestamp of 28/05/2009 5:37 AM:
But even if it's done in the most perfect way, if not *all* components involved (network, operating system, database, applications) are tightly secured, a mistake in another layer could easily lead to compromise. Also, in the cases I encountered, the security auditor has no/little technical knowledge, which means that with some suggesting and some omitting of details it's quite easy to pass the audit.It reminds me of a saying in the network world about firewalls: 'the harder on the outside, the softer on the inside'. At least until two years ago, the default operator interface of networking components like switches and routers, but disturbingly even firewalls is telnet. SSH (encrypted) access is an option...
Good points. It's always surprised me in some sites to see intranet security trusted almost exclusively to the firewall.
Then when asked about intruder detection, the reply is "uh?".
Many others as well trust monitoring/management to SNMP over UDP...
Then again, how far does one take the paranoia?
("paranoia" in the sense of obsession over security, not the clinical one)
Like someone else said: the biggest danger is often internal!
--
Cheers
Nuno Souto
in sunny Sydney, Australia
dbvision@xxxxxxxxxxxx
--
http://www.freelists.org/webpage/oracle-l
- Follow-Ups:
- Re: OT - Getting fired for database oops
- From: Niall Litchfield
- Re: OT - Getting fired for database oops
- References:
- Re: Fw: OT - Getting fired for database oops
- From: Jared Still
- Re: Fw: OT - Getting fired for database oops
- From: Jared Still
- RE: Fw: OT - Getting fired for database oops
- From: Andre van Winssen
- Re: Fw: OT - Getting fired for database oops
- From: Nuno Souto
- Re: Fw: OT - Getting fired for database oops
- From: Andre van Winssen
- Re: Fw: OT - Getting fired for database oops
- From: Nuno Souto
- RE: Fw: OT - Getting fired for database oops
- From: Tanel Poder
- Re: Fw: OT - Getting fired for database oops
- From: Andre van Winssen
- RE: Fw: OT - Getting fired for database oops
- From: Tanel Poder
- RE: Fw: OT - Getting fired for database oops
- From: Andre van Winssen
- Re: Fw: OT - Getting fired for database oops
- From: Frits Hoogland
- Re: Fw: OT - Getting fired for database oops
Other related posts:
- » Fw: OT - Getting fired for database oops - Guang Mei
- » Re: Fw: OT - Getting fired for database oops - Andrew Kerber
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Rich Jesse
- » Re: Fw: OT - Getting fired for database oops - S. Anthony Sequeira
- » Re: Fw: OT - Getting fired for database oops - Yong Huang
- » Re: Fw: OT - Getting fired for database oops - Adric Norris
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Rich Jesse
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Tony van Lingen
- » RE: Fw: OT - Getting fired for database oops - Joel.Patterson
- » Re: Fw: OT - Getting fired for database oops - Thomas Day
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Ravi Gaur
- » RE: Fw: OT - Getting fired for database oops - SHEEHAN, JEREMY
- » RE: Fw: OT - Getting fired for database oops - Bobak, Mark
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Thomas Day
- » Re: Fw: OT - Getting fired for database oops - Jack van Zanen
- » Re: Fw: OT - Getting fired for database oops - Howard Latham
- » RE: Fw: OT - Getting fired for database oops - Andre van Winssen
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » RE: Fw: OT - Getting fired for database oops - Andre van Winssen
- » RE: Fw: OT - Getting fired for database oops - Tanel Poder
- » Re: Fw: OT - Getting fired for database oops - Nuno Souto
- » Re: Fw: OT - Getting fired for database oops - Niall Litchfield
- » Re: Fw: OT - Getting fired for database oops - Jared Still
- » Re: Fw: OT - Getting fired for database oops - Andre van Winssen
- » Re: Fw: OT - Getting fired for database oops - Nuno Souto
- » RE: Fw: OT - Getting fired for database oops - Tanel Poder
- » RE: Fw: OT - Getting fired for database oops - Bobak, Mark
- » Re: Fw: OT - Getting fired for database oops - Nuno Souto
- » Re: Fw: OT - Getting fired for database oops - Stephen Booth
- » Re: Fw: OT - Getting fired for database oops - Andre van Winssen
- » Re: Fw: OT - Getting fired for database oops - Connor McDonald
- » RE: Fw: OT - Getting fired for database oops - Tanel Poder
- » RE: Fw: OT - Getting fired for database oops - Andre van Winssen
- » Re: Fw: OT - Getting fired for database oops - Frits Hoogland
- » Re: Fw: OT - Getting fired for database oops - Nuno Souto