Re: Oracle security - Book recommendation

• From: Guillermo Alan Bort <cicciuxdba@xxxxxxxxx>
• To: william.muriithi@xxxxxxxxxxxxxxxxxxx
• Date: Sun, 23 May 2010 22:16:06 -0300

Best Oracle Security site: http://www.petefinnigan.com/ (Pete usually writes
in this list as well).

There it at least one book by him in Amazon: Oracle Security: Step-by-Step

I haven't personally read it, though. But after reading his white papers I'd
wager it's a good book.

If I ever get into DB security (seriously get into it, and not just
implement the usual corporate 'security' policies) it's the first book on my
list.

hth

Alan.-


On Sun, May 23, 2010 at 2:17 PM, William Muriithi <
william.muriithi@xxxxxxxxxxxxxxxxxxx> wrote:

> Thanks guys
> >
> >
> > Depending upon what you're trying to learn, I found David Litchfield's
> The Oracle Hacker's Handbook to be one of the most enlightening books on
> possible exploits for vulnerabilities in Oracle.
> >
>
> Good question, I was looking for a couple of details:
>
> - Initial setup,  precisely how strip all unnecessary schemas, permission.
>  Then add back permission when need arise and only as narrowly as possible
>
> - RBAC and MAC setup. I am especially interested to see how practical it is
> to implement RBAC on oracle
>
> - Auditing
>
>
> William
>
> > Jonathan
> >
> > Here's an Amazon URL for the book:
> >
> >
> http://www.amazon.com/Oracle-Hackers-Handbook-Hacking-Defending/dp/0470080221/ref=pd_bxgy_b_img_a/103-0681362-4563844
> >
> > On Sat, May 22, 2010 at 4:32 PM, William Muriithi <
> william.muriithi@xxxxxxxxxxxxxxxxxxx> wrote:
> > Hello Pals,
> >
> > I am planning to pick an oracle book with mainly security bias. I have
> already looked through Oracle security handbook (ISBN 0-07-213325-2) and
> though well written and good read, it sound a tad dated. It, for example
> does not have anything to do with oracle 10g as it was written in 2001.
> >
> > A bit of googling and I am now inclined to pick "HOWTO Secure and Audit
> Oracle 10g and 11g" or "Effective Oracle Database 10g Security by Design".
>  Which of the two book is a better read?  Or even better, is there another
> book out there that is even better that the above two?
> >
> > Regards,
> >
> > William--
> > //www.freelists.org/webpage/oracle-l
> >
> >
> >
>
> --
> //www.freelists.org/webpage/oracle-l
>
>
>

• Follow-Ups:
  • RE: Oracle security - Book recommendation
    • From: Dunbar, Norman
  • Re: Oracle security - Book recommendation
    • From: Jared Still

• References:
  • Oracle security - Book recommendation
    • From: William Muriithi
  • Re: Oracle security - Book recommendation
    • From: Jonathan Intner
  • Re: Oracle security - Book recommendation
    • From: William Muriithi

Other related posts:

• » Oracle security - Book recommendation- William Muriithi
• » Re: Oracle security - Book recommendation- Karl Arao
• » Re: Oracle security - Book recommendation- Jonathan Intner
• » Re: Oracle security - Book recommendation- William Muriithi
• » Re: Oracle security - Book recommendation - Guillermo Alan Bort
• » RE: Oracle security - Book recommendation- Dunbar, Norman
• » Re: Oracle security - Book recommendation- Jared Still
• » RE: Oracle security - Book recommendation- Dunbar, Norman
• » Re: Oracle security - Book recommendation- Jared Still
• » Re: Oracle security - Book recommendation- Martin Bach

1. Home
2. oracle-l
3. Archive
4. 05-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---