Re: Security audit of Oracle databases
- From: stephen booth <stephenbooth.uk@xxxxxxxxx>
- To: Niall Litchfield <niall.litchfield@xxxxxxxxx>
- Date: Tue, 12 Apr 2005 19:41:32 +0100
On Apr 12, 2005 2:18 PM, Niall Litchfield <niall.litchfield@xxxxxxxxx> wrote:
> That's true enough, though I can't see why folk wouldn't put *nix boxes
> behind firewalls that didn't allow remote access either...
>
I've not had much direct problem with that myself. The networks
people are usually OK about opening up ssh on request, within the WAN
at least, once it's been explained them. ssh sems to be sufficient
for most Oracle DBA work, for now.
X11 is usually blocked, with good reason, which can cause problems for
the users who don't understand the command line and demand a graphical
interface. X11 can be tunnelled over ssh/ssl but that requires
setting up before hand which doesn't always get done. I can see this
becoming more of a problem as more functionality gets made GUI only.
VNC, Citrix, Windows Terminal Services and, especially, PCAnywhere
tend to be seen as a bigger security risk and so they're less likely
to be allowed through.
Stephen
--
It's better to ask a silly question than to make a silly assumption.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
