Comments on: Oracle Rootkit http://awads.net/wp/2006/01/24/oracle-rootkit/ News, views, tips and tricks on Oracle and other fun stuff Tue, 06 Jan 2009 05:49:39 +0000 http://wordpress.org/?v=2.7 hourly 1 By: Tom_Fox http://awads.net/wp/2006/01/24/oracle-rootkit/comment-page-1/#comment-1254 Tom_Fox Tue, 24 Jan 2006 20:21:45 +0000 http://awads.net/wp/?p=204#comment-1254 <p>I was a security consultant prior to being a DBA.</p> <p>I found that many folks tend to think of security as blocking outsiders. Yet, too many times, an internal attack causes more problems, due to lack of auditing for internal users. Further, if a company deploys a VPN with another company, you can possibly have users at another company taking stabs at your data without your knowledge.</p> <p>Oh boy, what a wonderful world we live in.</p> <p>--Tom</p> I was a security consultant prior to being a DBA.

I found that many folks tend to think of security as blocking outsiders. Yet, too many times, an internal attack causes more problems, due to lack of auditing for internal users. Further, if a company deploys a VPN with another company, you can possibly have users at another company taking stabs at your data without your knowledge.

Oh boy, what a wonderful world we live in.

–Tom

]]> By: Eddie Awad http://awads.net/wp/2006/01/24/oracle-rootkit/comment-page-1/#comment-1251 Eddie Awad Tue, 24 Jan 2006 20:03:19 +0000 http://awads.net/wp/?p=204#comment-1251 <p><i>The DBSA already exists in many larger organizations</i></p> <p>I guess in smaller (even medium) size organizations, database security is mainly the responsibility of a DBA, and, to alesser extent, database developers. -- Thanks Lewis.</p> The DBSA already exists in many larger organizations

I guess in smaller (even medium) size organizations, database security is mainly the responsibility of a DBA, and, to alesser extent, database developers. — Thanks Lewis.

]]> By: Lewis Cunningham http://awads.net/wp/2006/01/24/oracle-rootkit/comment-page-1/#comment-1247 Lewis Cunningham Tue, 24 Jan 2006 12:46:06 +0000 http://awads.net/wp/?p=204#comment-1247 <p>Hi Eddie,</p> <p>The DBSA already exists in many larger organizations. With all of the compliance regulations and issues in recent years, it's important to have someone responsible for database security that understands the laws and regualtions around data at rest. Understanding rootkits and keeping up with the latest from both Oracle and hackers is an important part of the job.</p> <p>Thanks,</p> <p>LewisC http://blogs.ittoolbox.com/oracle/guide/</p> Hi Eddie,

The DBSA already exists in many larger organizations. With all of the compliance regulations and issues in recent years, it’s important to have someone responsible for database security that understands the laws and regualtions around data at rest. Understanding rootkits and keeping up with the latest from both Oracle and hackers is an important part of the job.

Thanks,

LewisC
http://blogs.ittoolbox.com/oracle/guide/

]]>