Guvenlik 2

6- Data dictionary ulasan sys userı diğer userların passwordlarını değiştirip tekrar geri kopyalayabilir.

SELECT password FROM dba_users WHERE username = ‘SCOTT’;
ALTER USER scott IDENTIFIED BY hijack;
CONNECT scott/hijack
GRANT SELECT ON scott.emp to PUBLIC
ALTER USER scott IDENTIFIED BY VALUES ‘23E3F8C1BB14BB4D’;

Bunu önlemek için mutlaka Alter user Audit yapmalıyız.

7- Authentication yöntemi olarak Oracle internet directory seçelim.

Önce oracle internet directory install ediyoruz. Oracle application server cd’sinden infra kurarak yapabiliriz.
Daha sonra databaseden Netca acıp direcory seciyoruz. Son olarakda DBCA configure database seçeneklerinden database internet diretory register edelim. Artık userları Global yaratabiliriz.

8- Audit trail databasein dısına tasıyalım. Unixlerde ve linux makinalarda syslog audit için açalım.

9- Database vault ve audit vault kullanalım.

10-
ALTER SYSTEM SET AUDIT_TRAIL = DB_EXTENDED SCOPE=SPFILE;
audit insert, update, delete on scott.emp by access;
Startup force;

execute :salary := 7000;
update SCOTT.EMP set sal = :salary where empno = 9000

select owner, obj_name, action_name, sql_bind, sql_text from dba_audit_trail;
One Oracle returned for the update statement shows the SQLTEXT and the SQLBIND values like this:
SQLTEXT -> update SCOTT.EMP set sal = :salary
where empno = 9000
SQLBIND -> #1(4):7000

Yukarıdaki örnektende anlaşıldığı üzere database bazında sql textlerimizi ve sql bind değişkenlerimizi görebiliyoruz. 1 ilk sefer oldugu 4 auditlenen alanı 7000 de değerini gösterir.

Advertisements

About oracledocuments

Zekeriya Beşiroğlu, It joined the Bilginc IT Academy in July 2000. In the meantime, the Oracle Education, Oracle Data Base Management System and Oracle Internet Technologies, Oracle development technologies such as the training of Oracle products is responsible for training as consultants. During this task, since 1 April 2008 with 293 Oracle training in total, in 2150 Oracle customers successfully submitted. Oracle 10g New York in November 2002 have received training and education in Turkey was the first time the consultants. 20 April 2008 on education in Turkey 11g is the first who was a consultant. Oracle Real Application Cluster Expert advisor is certified is the first . Http://zekeriyabesiroglu.blogspot.com and Http://www.oracleforum.info owner and manager of the site. Its own has more than one hundred articles. In addition, creation and improvement of training materials are also related to work. Oracle products are used, database management and reporting Academy eruditely It also is working on. From the date of 1 January 2009 will continue to work as the Technical Director
This entry was posted in Uncategorized and tagged . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s