VIRUS ATTACK, Which parameters to set in database to protect database and system

Similar Messages

• Importing full database and SYSTEM password

  Hi,
  I have a export dump of a database (full database dump). Want to import on my existing database.
  I have create a database, with tablespaces matching names with source database (i.e. got a list of tablespaces from the dba of source database and created them). Now, I am ready to import with imp command (with FULL=Y option).
  Will the full database import change my SYSTEM's password to the system's password on the source database ?
  Reason for this question is, If you try to read the export of full database (using wordpad !!), you will find all commands creating tablespaces, users, roles etc etc etc. Also, you will see commands which alter the users SYS and SYSTEM to change the password !!!
  Any past experiences ??
  Thanks in advance.

  Hi,
  >>Will the full database import change my SYSTEM's password to the system's password on the source database ?
  Yes, take a look at demonstration below:
  C:\>exp system/pass file=test.dmp full=y statistics=none
  Export: Release 10.2.0.1.0 - Production on Mon Apr 21 13:59:51 2008
  Copyright (c) 1982, 2005, Oracle.  All rights reserved.
  Connected to: Oracle Database 10g Express Edition Release 10.2.0.1.0 - Production
  Export done in WE8MSWIN1252 character set and AL16UTF16 NCHAR character set
  About to export the entire database ...
  . exporting tablespace definitions
  . exporting profiles
  . exporting user definitions
  . exporting roles
  . exporting resource costs
  . exporting rollback segment definitions
  . exporting database links
  . exporting sequence numbers
  . exporting directory aliases^C
  C:\>findstr /C:"ALTER USER SYS" TESTE.DMP
  ALTER USER SYS IDENTIFIED BY VALUES '5638228DAF52805F' TEMPORARY TABLESPACE "TEMP"
  ALTER USER SYSTEM IDENTIFIED BY VALUES 'D4DF7931AB130E37' TEMPORARY TABLESPACE "TEMP"
  Cheers
  Legatti

• [svn:fx-trunk] 6201: Introduces a new method to the IItemRendererOwner contract, updateRendererInformation(), which handles the setting of a renderer' s data and data-dependant properties.

  Revision: 6201
  Author:   [email protected]
  Date:     2009-04-22 14:15:50 -0700 (Wed, 22 Apr 2009)
  Log Message:

  Well the answer depends on whether you want to use the DefaultTableModel or a custom TableModel. The key point to either solution is that you want to store all the data in the table model.
  1) Using the DefaultTableModel
  All the data from your Person object is added to the model. By default the table will create a column for each column of data added to the model. However, this doesn't mean that you need to display every column in the table. After creating the JTable you can simply do:
  table.getColumnModel().removeColumn(...);to remove the columns you don't have room to display. You can still access the values in the model by using:
  table.getModel().getValueAt(...);2) Create a custom TableModel
  You can keep all the data in your Person object and then write a custom model to access the data. Something like this example:
  http://forum.java.sun.com/thread.jspa?forumID=57&threadID=610618
  Note: the example isn't complete as you still need methods to add each Person object or the entire List of Persons to the model.
  Again, you would need to remove the columns you don't want displayed.
  In either case you can then handle the tooltip by overriding the getTooltipText(...) method. Something like:
  public String getToolTipText( MouseEvent e )
       int row = rowAtPoint( e.getPoint() );
       int column = columnAtPoint( e.getPoint() );
       Object value = getValueAt(row, column);
       return value == null ? null : value.toString();
  }

• Using Power Book G4 with OSX 10.5.8 okay from virus attack?

  Is my Mac Powerbook G$ with OSX 10.5.8 safe from virus attack or do I need to protect Safar?

  Lawrence1946 wrote:
  Is my Mac Powerbook G$ with OSX 10.5.8 safe from virus attack or do I need to protect Safar?
  It is very important to speak precisely about these matters to avoid jumping to unfounded conclusions that lead to erroneous reactions. You said "virus attack" which is a mischaracterization of the problem. It was a vulnerability, only the potential for a man-in-the-middle attack which has absolutely nothing to do with viruses.
  For your Mac to be attacked, it would have to be attempting an SSL connection with Safari or other related frameworks, and there would have to be another user on the same wifi network as yourself intercepting the transmissions and skilled enough in network coding to implement a man-in-the-middle attack. So users on school and public wifi networks using Safari were vulnerable, but home users on their own password-protected networks or Chrome/Firefox users were not particularly vulnerable.
  From the articles on Mac sites that I read, which described all of the above, it was also said that only Mavericks was vulnerable. However, there were other security updates issued for Mountain Lion and Lion to address other issues.
  10.5.8 along with 10.6 are no longer supported due to age and no longer receive security updates.

• Video Uploading in oracle database and playing that video in a jsf page

  Aoa,
  I want to upload videos in oracle database and I also want to play those videos using <af:media> tag in JDeveloper 11g. I have an applicaton which stores images in the database
  and show the images but when I try to upload videos lot of exceptions come.
  any suggestions / help

  Getting OracleMultimedia to work can be tricky. What kind of file are you trying to load into the database?

• Database management systems trends

  Hello,
  Is there any official document which tries to predict the database management system trends? Like cloud computing? Distributed database systems?
  Thank you.

  Is there any official document which tries to predict the database management system trends? Like cloud computing? Distributed database systems?I doubt that there is any official document. Every analyst may see it differently.
  For example, my vision is -
  DBMSes move in various aspects simultaneously, including
  cloud computing and distributed database systems.
  Other aspects are:
  - standartisation of SQL language,
  - Very Large DB
  - using specific hardware and DB architecture for performance,
  - embedded DBs,
  - in memory DBs,
  - 100% online administration and management transparent to users,
  - automatic "self" administration and management
  - very smart optimizers
  - new data types (XML)
  - structure-less DBMS
  - DBMS that organizes data and detects data relationships automatically
  ...

• How do I set a Password to protect client pages on my website?

  I have a Website that has a Client page and
  when a client clicks on their projects i need a passw
  ord popup to secure entry into the private pages. any
  suggestions?

  The quick and dirty solution is to set up a password protected directory and upload the private pages to it. If you have access to a Control Panel on your server then you can do this yourself.
  The server will then launch an authentication dialogue (username/password) before delivering the page to the browser.

• Which is more efficient way to get result set from database server

  Hi,
  I am working on a project where I require to query database to fetch result set and then iterate through the resultset. Now, What I want is that I want to create one single java code that would call many different SQLs and create a list out of resultset. There are two approaches for me.
  1.) To create a txt file where I can store my queries. My java program can read this file and get the appropriate query to be used.
  2.) To create a stored procedure containing the queries and call the stored procedure from my java program. Also, not that some of the queries needs to be created dynamically depending upon the parameteters supplied.
  Out of these two approches which is optimum and why?
  Also, following things to be noted.
  1. At times I want to create where clause of the query dynamically depenending upon the parameters passed.
  2. I want one single java file that will handle all database calls.
  3. Paramters to the stored procedure can be passed using array descriptor.
  4. Conneciton I am making using JNDI.
  Please do provide me optimum way of out these two. You may also suggest some other approaches, if any.
  Thanks,
  Rajan
  Edited by: RP on Jun 26, 2012 11:11 PM

  RP wrote:
  In case of queries stored in text files. I will require to replace some pre defined placeholder with actual parameters and then pass that modified query to db engine. Even I liked the second approach as it is more easily maintainable. There are a couple of issues. Shared SQL is one. Irrespective of the method used, the SQL cursor that is created needs to have bind variables. This ensures re-usability of the cursor. This reduces the risk of Shared Pool fragmentation. This lowers hard parsing and reduces CPU utilisation.
  Another issue is flexibility. If the SQL cursors are created by stored procedures, this code resides on the server and abstracts the Java client from the complexities of SQL and SQL performance. The code can easily be updated and fine tuned to deliver faster/better SQL cursors, or modified to take new Oracle features, changes in data model, and so on, into consideration. This stored proc can be updated without having to touch or recompile a single byte of Java client code.
  There's also the security issue. What is more secure? SQL encapsulated in stored procs in a secure database and server environment? Or SQL "encapsulated" in text files on the client?
  The less code you have running on the client, the less code you have running in the wild that can be compromised without having to first compromise the server.
  Only I was worried about any performace issue might happen using this approach. Performance is not a factor of who creates the SQL cursor.
  Whether Java client creates a SQL cursor, or a PL/SQL stored proc creates a SQL cursor, or a .Net client creates a SQL cursor - that SQL cursor does not know what the client is. It does not care what the client is. The SQL cursor performs as well as it is capable of.. given the execution plan, data volumes, server resources and speed/performance of the server.
  The client language and SQL cursor interface used by the client (there are several in PL/SQL), determines the performance of the client's interaction with the cursor (e.g. round trips to the database when interfacing with the cursor). The client language (and its client interface to the cursor) does not dictate the actual performance of that SQL cursor on the database (does not make joins faster, or I/O faster)
  One more question, Will my java program close the cursor that I opened in Procedure?That you need to ask your Java code. Java code leaking ref cursors are unfortunately all too common. You need to make sure that your Java client interface to SQL cursors, closes the cursor handle when done.

• To access a 11gr1 db from remote server which parameters needs to be set

  Hi,
  I would like to access my db from a remote server, for this which parameters i need to set?
  Thanks,

  By default you don't need to set any instance parameter for this because Oracle Net listener will run on port 1521 and database will register dynamically to local listener on port 1521.
  If listener does not listen on port 1521 then you need to set instance parameter LOCAL_LISTENER: http://docs.oracle.com/cd/E11882_01/network.112/e10836/listenercfg.htm#CHDCCHIC.

• How to Import Database user in oracle which have character set AL32UTF8?

  Hello All,
  I want export one database user which have character set in WE8MSWIN1252 and I want to Import that Database user in oracle which have character set AL32UTF8 without changing character set.
  is there any argument in import command??
  thanks

  There's no problem, export and import will take care of character set conversions, the only problem is AL32UTF8 is a variable size character set, if 'ñ' uses 1 byte in WE8MSWIN1252, in AL32UTF8 it will use 2 bytes, so it's recommended to pre-create the tables with "char" instead of "byte": create table xxx ( col1 varchar2(100 char), ... )
  Enrique

• SQL Server Virus Attack - Recover main database (MDF) using log (LDF) file

  Hi ! My server was hit by some unknown virus which seems to have corrupted header information for many of our files including an important databases and some of its backups.  However the log file (.LDF) for the live DB was not affected. I also have
  a relatively old .BAK backup file.  Is it possible to bring the DB (.MDF) in the old backup to Live standard using the new/latest Log file? If so, how?
  Any help is truly appreciated.

  Hello,
  Yes, that is theoretically possible if
  - database is in "Full" recovery mode
  - since the "old backup" no other backups were done (beside copy-only)
  Run a log backup, then you can restore full + log backup, as it's best as a new database to keep the old (damaged) one for safety.
  See
  Restore a Database Backup (SQL Server Management Studio)
  Restore a Transaction Log Backup (SQL Server)
  And for the future:
  MS Support: How to choose antivirus software to run on computers that are running SQL Server
  Olaf Helper
  [ Blog] [ Xing] [ MVP]

• How to use stored procedure which returns result set in OBIEE

  Hi,
  I hav one stored procedure (one parameter) which returns a result set. Can we use this stored procedure in OBIEE? If so, how we hav to use.
  I know we hav the Evaluate function but not sure whether I can use for my SP which returns result set. Is there any other way where I can use my SP?
  Pls help me in solving this.
  Thanks

  Hi Radha,
  If you want to cache the results in the Oracle BI Server, you should check that option. When you run a query the Oracle BI Server will get its results from the cache, based on the persistence time you define. If the cache is expired, the Oracle BI Server will go to the database to get the results.
  If you want to use caching, you should enable caching in the nqsconfig.ini file.
  Cheers,
  Daan Bakboord

• Compaq Presario 2710CA Start Up problems after virus attack!

  Hello,
  I am having great difficulty with my Presario 2710CA following a 'Windows Recovery' Virus attack.
  After removal of the virus (I used the MalwareBytes Anti Malware for the clean up), I rebooted the machine as required but now getting the error message below:
  We apologize for the inconvenience, but Windows did not start successfully. A recent hardware or software change might have caused this.
  If your computer stopped responding, restarted unexpectedly, or was automatically shut down to protect your files and folders, choose Last Known Good Configuration to revert to the most recent settings that worked.
  If a previous startup attempt was interrupted due to a power failure or because the Power or Reset button was pressed, if you aren’t sure what caused the problem, choose Start Windows Normally.
  Safe Mode
  Safe Mode with Networking
  Safe Mode with Command Prompt
  Last Known Good Configuration (your most recent settings that worked)
  Start Windows Normally
  Use the up and down arrow keys to move the highlight to your choice.
  Seconds until Windows starts: 28
  I have tried all the options listed above but nothing seem to work. It starts the process as normal, the Windows XP logo comes up and then it returns to the above screen. All options above result in the same process. Pressing F8 freezes the process.
  I am desperate to get my laptop back as it has been a great asset. I run a small business from home and all my accounting data and business information is held in this computer.
  For anyone interested, I also have Norton Antivirus on the laptop but it didn't detect or remove the malware.
  I do not have the Quick Restore CD with me and the leaflet that came with the laptop says contact Compaq at:
  www:compaqordercenter.com/freeQR but this url no longer seems to work.
  I am not even sure whether it is a hard disk problem or Windows XP problem (or something else). My primary concern is to get the data held in the laptop back and therefore do not want to erase that by restoring to factory set up.
  Can someone please please help me?
  Thanks in advance.

  Sounds like a nasty rootkit, my advice is to boot from an Ubuntu CD and back up your critical data to an external hard drive and then do a clean install or factory restore of XP.
  http://www.howtogeek.com/howto/windows-vista/use-u​buntu-live-cd-to-backup-files-from-your-dead-windo​...

• Question on the new virus attack warning on the Mac

  Hi everybody,
  Just wondering if anyone is getting worried about the new virus attacks that are predicted on their way at the Mac according to media sources. I have Firewall on and also Stealth Mode enabled but I'm worried now if that's enough. I've looked at ClamX but that seems like it can cause other problems. MacScan seems to be good software for a decent price. Any ideas from anyone will be appreciated.
  Rich

  No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
  It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download from:
  http://www.clamxav.com/
  However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
  If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
  You can read more about how, for example, the OSX/DNSChanger Trojan works here:
  http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
  SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
  http://macscan.securemac.com/
  The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
  (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
  http://macscan.securemac.com/buy/
  and this can perform a complete scan of your entire hard disk. After 30 days the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
  A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
  http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
  Also, beware of MacSweeper:
  MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
  http://en.wikipedia.org/wiki/MacSweeper
  On June 23, 2008 this news reached Mac users:
  http://www.theregister.co.uk/2008/06/23/mac_trojan/
  More information on Mac security can be found here:
  http://macscan.securemac.com/
  The MacScan application can be downloaded from here:
  http://macscan.securemac.com/buy/
  You can download a 30 day trail copy which enables you to do a full scan of your hard disk. After that it costs $29.95.
  More on Trojans on the Mac here:
  http://www.technewsworld.com/story/63574.html?welcome=1214487119
  This was published on July 25, 2008:
  Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
  The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
  In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
  Net security groups say there is anecdotal evidence that small scale attacks are already happening.
  Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
  A further development was the Koobface malware that can be picked up from Facebook (already a notorious site for malware, like many other 'social networking' sites), as reported here on December 9, 2008:
  http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
  You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
  http://www.securemac.com/
  There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
  As to the current 'Conficker furore' affecting Intel-powered computers, MacWorld recently had this to say:
  http://www.macworld.co.uk/news/index.cfm?email&NewsID=25613
  Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
  1. Avoid going to suspect and untrusted Web sites, especially *********** sites.
  2. Check out what you are downloading. Mac OS X asks you for you administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program.
  3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through an AV application.
  4. Use Mac OS X's built-in Firewalls and other security features.
  5. Stop using LimeWire. LimeWire (and other peer-to-peer sharing applications) are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications.
  6. Resist the temptation to download pirated software. After the release of iWork '09 earlier this year, a Trojan was discovered circulating in pirated copies of Apple's productivity suite of applications (as well as pirated copies of Adobe's Photoshop CS4). Security professionals now believe that the botnet (from iServices) has become active. Although the potential damage range is projected to be minimal, an estimated 20,000 copies of the Trojan have been downloaded.

• Safari locked out by Malicious Virus Attack...

  Today my Safari was locked out and this warning popped up on my screen. "
  Critical Security Warning! Your Mac is infected with a malicious virus attack.
  Please contact tech support at +1-888-307-2735 and provide error code WBACK7917 to scan and resolve any potential threats to your personal and financial information, which was being tracked by suspicious connection.
  Consequently we are performing additional security checks to verify the source of the attack and have halted all your system resources in order to prevent any additional damage to your system and information."
  I called the number but the rep didn't identify herself only stated that they work with Apple & Safarii to help reduce these problems, then proceeded to ask for permission to enter my laptop remotely. I colorfully told her where she could go. So my Safari is locked out, MacKeeper hasn't identified the problem and the Safari app doesn't show in Mackeeper for me to uninstall the entire application. Please help me get rid of Safari then load a brand new one without the Debbie does Dallas getting her sticky fingers in my MaBbook Pro (17-inch) OS X updated 10.10.1 Yosemite.
  How can I uninstall Safari on my MacBook Pro when it is entwined into the OS X operating system? Then reinstall a clean version.

  dominic23
  Re:
  Safari locked out by Malicious Virus Attack...
  You said...
  "This is a scam.
  1. Force Quit .
      Press command + option + esc keys together at the same time. Wait.
      When Force Quit window appears, select  Safari if not already.
      Press Force Quit button at the bottom of the window.   Wait.
      Safari will quit.
  2. Relaunch Safari holding the shift key down.
  3. Turn off wifi and turn it back on.
      Turn off Wifi. Click Wifi icon in the menu bar and select “Turn Wifi off”.
      Visit another website.
      You won’t have internet connection.
      Turn on Wifi. Click Wifi icon in the menu bar and select “Turn Wifi on”.
      Select your Network."
  Your solution worked until I opened Safari again. I tried it several times, but the pop-up messages keep returning while locking the Safari screen.
  Any other suggestions?
  Don