Re: SQL audit

• From: William Muriithi <william.muriithi@xxxxxxxxxxxxxxxxxxx>
• To: "'John.Hallas@xxxxxxxxxxxxxxxxxx'" <John.Hallas@xxxxxxxxxxxxxxxxxx>, "'kjped1313@xxxxxxxxx'" <kjped1313@xxxxxxxxx>, "'rtylka@xxxxxxxxx'" <rtylka@xxxxxxxxx>, "'jkstill@xxxxxxxxx'" <jkstill@xxxxxxxxx>
• Date: Tue, 22 Dec 2009 09:50:49 -0600

John

Interesting. It has never occurred to me that there could be disadvantages of 
password protecting the listener.

Would you be in the know on the logic behind this recommendation?

________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx <oracle-l-bounce@xxxxxxxxxxxxx>
To: kjped1313@xxxxxxxxx <kjped1313@xxxxxxxxx>; rtylka@xxxxxxxxx 
<rtylka@xxxxxxxxx>; jkstill@xxxxxxxxx <jkstill@xxxxxxxxx>
Cc: Oracle-l <oracle-l@xxxxxxxxxxxxx>
Sent: Tue Dec 22 03:45:59 2009
Subject: RE: SQL audit

But Oracle’s recommendation is not to password protector the listener from 10G 
onwards

www.jhdba.wordpress.com

________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Kellyn Pedersen
Sent: 22 December 2009 02:02
To: rtylka@xxxxxxxxx; jkstill@xxxxxxxxx
Cc: Oracle-l
Subject: Re: SQL audit

I have had to implement auditing on Oracle Apps 11i and the auditors required 
it for SOX compliance, so first thing I would request is the auditor 
requirements that they need to track.  You might be surprised how little you 
actually have to audit or even turn on.
You also have the opportunity to challenge and demand they justify many of the 
requests, as they often will not even know what they are requesting or that 
some features are already tracked automatically by Oracle and you just need to 
write out a justification response of your own.
The odd items I did need to implement were:
- a shell script to track that the listener was password protected at all times.




______________________________________________________________________
Wm Morrison Supermarkets Plc is registered in England with number 358949. The 
registered office of the company is situated at Gain Lane, Bradford, West 
Yorkshire BD3 7DL. This email and any attachments are intended for the 
addressee(s) only and may be confidential.

If you are not the intended recipient, please inform the sender by replying to 
the email that you have received in error and then destroy the email.
If you are not the intended recipient, you must not use, disclose, copy or rely 
on the email or its attachments in any way.

Wm Morrison Supermarkets PLC accepts no liability or responsibility for 
anything said in the email or its attachments and gives no warranty as to 
accuracy. It is the policy of Wm Morrison Supermarkets PLC not to enter into 
any contractual or other obligations by email.

Although we have taken steps to ensure the email and its attachments are 
virus-free, we cannot guarantee this or accept any responsibility,
and it is the responsibility of recipients to carry out their own virus checks.
______________________________________________________________________

• Follow-Ups:
  • Re: SQL audit
    • From: Kellyn Pedersen
  • RE: SQL audit
    • From: John Hallas
  • Streams apply tags from triggers
    • From: Stuart Blackburn

Other related posts:

• » SQL audit- Rich Tylka
• » Re: SQL audit- Sharon . Kovac
• » Re: SQL audit- Jared Still
• » RE: SQL audit- Mark W. Farnham
• » Re: SQL audit- Kellyn Pedersen
• » RE: SQL audit- John Hallas
• » RE: SQL audit- Powell, Mark
• » Re: SQL audit- Jared Still
• » Re: SQL audit - William Muriithi
• » Re: SQL audit- Kellyn Pedersen
• » RE: SQL audit- John Hallas
• » Re: SQL audit- Rich Tylka
• » RE: SQL audit- Job Miller
• » Re: SQL audit- Yong Huang
• » Re: SQL audit- Dennis Yurichev
• » Re: SQL audit- Kellyn Pedersen

1. Home
2. oracle-l
3. Archive
4. 12-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---