The final installment in my series on CAT I STIG controls is all about the use (or not) of the server operating system accounts that support the Oracle database. Two controls address the use of and access to the Oracle software installation account, and one addresses the privileges associated with individual user accounts for DBAs. … Continue reading Top STIG – Part 6 (OS Accounts)
I've seen a couple of Oracle Community and AskTom posts over the last year or two about installing anti-virus software on Oracle database servers. Usually it is because someone in security told the sysadmin or the DBA that they had to install some kind of AV software because it was required. Been there; done that. I found out the hard way that doing so was a bad idea...
I have written previously on how much I dislike password maintenance. Every chance I get to enable PKI certificate authentication, I take it. Most of my career I have worked in environments where certificate authentication was expected, if not explicitly required, so it wasn't a big leap for me to look at configuring Oracle APEX … Continue reading APEX Authentication with a Smart Card – Part 1 (Web Server)
Every once in a while over the years I have been asked, “Why don’t you patch the Java JDK included in an Oracle Home directory?”
This is the last post in this series, in which I have described configurations for the server wallet, server networking, client networking, and database. If you have completed all of the steps I laid out, then you are ready to test your SSL connection using your smart card. TNS Ping over TCPS First confirm that … Continue reading Database Authentication with a Smart Card – Part 5 (Testing)