RE: Database and System Security

RE: Database and System Security

 

  

Good answer from Hans.

You may also want to consider doing something to the firewall/VPN as well.

All our DBA's have on call access to live systems by authenticating through
that ... so that would be the FIRST thing I disabled (you can bet your
bottom dollar that there is an OEM/other account that everyone's forgotten
about that has administrative access to pretty much everything ...) ...
hence you need to secure the company network.

-----Original Message-----
From: Hans [mailto:oracledba-ezmlmshield-x87047744.[Email address protected]
Sent: 02 November 2006 09:48
To: LazyDBA Discussion
Subject: RE: Database and System Security


1. change all passwords in the Oracle databases that are critical
(sys, system, dbsnmp, etc.)
2. remove his server user account
3. change the server password of oracle
4. remove his account from the network
5. change the listener password

Hans

-----Original Message-----
From: Bommareddy Anil Kumar
[mailto:oracledba-ezmlmshield-x88206988.[Email address protected]
Sent: donderdag 2 november 2006 9:43
To: LazyDBA Discussion
Subject: Database and System Security


Hi Gurus,
Our senior DBA is leaving job for good. He
remembers most the critical passwords[both databases and system] and ip
addresses. He is also technically sound from Network and OS perspective.
How to prevent any mischief or security as a result of this in near
future?

Thanks,
Anil


---------------------------------------------------------------------
TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY To post a
dba job: http://jobs.lazydba.com To Subscribe : http://www.LazyDBA.com
To unsubscribe: http://www.lazydba.com/unsubscribe.html
-----------------------------------------------------------------
ATTENTION:
The information in this electronic mail message is private and
confidential, and only intended for the addressee. Should you
receive this message by mistake, you are hereby notified that
any disclosure, reproduction, distribution or use of this
message is strictly prohibited. Please inform the sender by
reply transmission and delete the message without copying or
opening it.

Messages and attachments are scanned for all viruses known.
If this message contains password-protected attachments, the
files have NOT been scanned for viruses by the ING mail domain.
Always scan attachments before opening them.
-----------------------------------------------------------------



---------------------------------------------------------------------
TO REPLY TO EVERYBODY , PLEASE CLICK REPLY-ALL, NOT JUST REPLY
To post a dba job: http://jobs.lazydba.com
To Subscribe : http://www.LazyDBA.com
To unsubscribe: http://www.lazydba.com/unsubscribe.html

****************************************************************************
****
IMPORTANT NOTICE

House of Fraser (Stores) Limited
Registered office: Granite House, 31 Stockwell Street, Glasgow G1 4RZ
Company Number: 10677

If you have received this e-mail in error, please notify the sender and
delete the e-mail and attachments immediately. This e-mail (including any
attachments) may contain confidential and/or privileged information. If you
are not the intended recipient, any reliance on, use, disclosure,
dissemination, distribution or copying of the e-mail or attachments is
strictly prohibited.
We have checked for viruses but the content of an attachment may still
contain software viruses, which could damage your computer system. We do not
accept liability for any damage you sustain as a result of a virus
introduced by this e-mail or attachment and you are advised to use
up-to-date virus checking software. E-mail transmission cannot be guaranteed
to be secure or error free.
This e-mail is not intended nor should it be taken to create any legal
relations, contractual or otherwise.
To view our latest in-store news click on: http://www.houseoffraser.co.uk

****************************************************************************
****

Oracle LazyDBA home page