[Previous entry: "A live file system Linux floppy disk rescue system"] [Next entry: "Ed had an interesting post yesterday about $ tables, DBA views and x$ tables"]
A good list of Oracle security check items
November 29th, 2004 by Pete
Post to del.icio.us
Post to Furl
This mornings newsletter from DBA Village included in the news item section an entry Oracle Security Checks. This looked like a subject that would interest me so I went to have a look.
If you go to the link yourself you will need a free registration on the DBA Village web site first before you can access it. The link actually referenced the policy pages on Application Security Inc's website. The poster said there are 1000 links there with Oracle security checks on them. This is not actually true as you will see, I added a note to the tip on DBA Village as some of these policy pages are for other products made available by Application Security Inc, such as their Domino tool or SQL Server tool. Some are for Oracle of course.
The poster also noted that there is no index page for all the checks/policies. I did a quick surf myself and did not find one. That doesn't mean there is not one :). Also there are holes in the sequence as i did a couple of random checks. The pages listed are of the form https://www.appsecinc.com/Policy/PolicyCheck1.html to https://www.appsecinc.com/Policy/PolicyCheck1000.html according to the poster. I also did a quick search on google and found a similar page https://www.appsecinc.com/Policy/PolicyCheck2525.html.
Despite the fact that these pages are not indexed this is a great resource for Oracle security information.
Aaron Newman says:
November 30th, 2004 at 06:10 pm
Here is an index for the page:
http://www.appsecinc.com/cgi-bin/show_policy_list.pl?app_type=2&category=6
This allows you to manuever the checks.