What are three things we can do to quickly and easily to increase the security posture of our Oracle databases?

http://www.araboug.o...st=#entry187607 sqlnet.oralistener : Make sure the listener is password protected (this can be done via the lsnrctl utility or through the Netmanager GUI) and logging is enabled. Prevent people from modifying the listener remotely by adding the ADMIN_RESTRICTIONS_ = ON string to your listener.ora file. This is the default behavior in Oracle 10g and above unless you have disabled Local OS authentication by adding LOCAL_OS_AUTHENTICATION_ = OFF to your listener.ora file. sqlnet.ora OS Othentication names.directory_path = (TNSNAMES) Be aware that securing the listener in 11g deviates from this advice! In 11g, the default listener can only be administered locally. Furthermore, the listener utilizes the local OS authentication to determine which user started the listener, and only allows that user (and super users) to administer the listener. However, setting a password for the 11g listener will ALLOW remote administration! For the Oracle 11g listener, you will actually reduce the database's network security posture by enabling a listener password. It is counter-intuitive, but this is a huge security improvement for the listener. There are many actions you can take to further harden your listener from attack, but these can be quickly and easily implemented on most systems with no adverse effects. OS permissions : Access should be appropriately, and strictly controlled to all the Oracle binaries, system files, archived redo logs and backups. Archived redo logs can easily be mined to divulge data that has been entered into your database using the Oracle LOGMNR utility, and cold backups or raw datafiles can be effectively read using a simple hex editor. ) : ( If an attacker can gain physical access to your system, they can get to your data. Even Full Disk Encryption (FDE) can be defeated if someone gains access to the hardware. Depending on the size of your business, this may be as simple as changing out a few doorknobs. For a large

organization, this is not a quick and easy endeavor it requires considerable planning and implementation. However, it requires very little Oracle expertise to significantly mitigate this critical risk. sys http://www.orafaq.com/node/567
select USERNAME,OSUSER ,TERMINAL (SYSDATE-logon_time)*24 "Hours" from sys.v_$session; ,SYSDATE-logon_time "Days",

create table log_errors_tab ( error varchar2(30), timestamp date, username varchar2(30), osuser varchar2(30), machine varchar2(64), process varchar2(8), program varchar2(48)); create or replace trigger log_errors_trig after servererror on database declare var_user varchar2(30); var_osuser varchar2(30); var_machine varchar2(64); var_process varchar2(8); var_program varchar2(48); begin select username, osuser, machine, process, program into var_user, var_osuser, var_machine, var_process, var_program from sys.v_$session where audsid = userenv('sessionid'); insert into log_errors_tab values(dbms_standard.server_error(1),sysdate,var_user, var_osuser,var_machine,var_process,var_program); end;