Re: Oracle security - Book recommendation
- From: William Muriithi <william.muriithi@xxxxxxxxxxxxxxxxxxx>
- To: Jonathan Intner <jsidba@xxxxxxxxx>
- Date: Sun, 23 May 2010 12:17:00 -0500
Thanks guys
>
>
> Depending upon what you're trying to learn, I found David Litchfield's The
> Oracle Hacker's Handbook to be one of the most enlightening books on possible
> exploits for vulnerabilities in Oracle.
>
Good question, I was looking for a couple of details:
- Initial setup, precisely how strip all unnecessary schemas, permission.
Then add back permission when need arise and only as narrowly as possible
- RBAC and MAC setup. I am especially interested to see how practical it is to
implement RBAC on oracle
- Auditing
William
> Jonathan
>
> Here's an Amazon URL for the book:
>
> http://www.amazon.com/Oracle-Hackers-Handbook-Hacking-Defending/dp/0470080221/ref=pd_bxgy_b_img_a/103-0681362-4563844
>
> On Sat, May 22, 2010 at 4:32 PM, William Muriithi
> <william.muriithi@xxxxxxxxxxxxxxxxxxx> wrote:
> Hello Pals,
>
> I am planning to pick an oracle book with mainly security bias. I have
> already looked through Oracle security handbook (ISBN 0-07-213325-2) and
> though well written and good read, it sound a tad dated. It, for example does
> not have anything to do with oracle 10g as it was written in 2001.
>
> A bit of googling and I am now inclined to pick "HOWTO Secure and Audit
> Oracle 10g and 11g" or "Effective Oracle Database 10g Security by Design".
> Which of the two book is a better read? Or even better, is there another
> book out there that is even better that the above two?
>
> Regards,
>
> William--
> //www.freelists.org/webpage/oracle-l
>
>
>
--
//www.freelists.org/webpage/oracle-l
Other related posts:
