15th February 2011
Administrator
Oracle releases database firewall
From http://www.h-online.com/security/new...l-1189611.html
Quote:
The product uses white lists and black lists containing permitted and prohibited SQL commands. Statements that are not included in the white list can be blocked, substituted or simply logged by the firewall.
In a white paper, Oracle suggests using substitutions as the default operation as this will provide attackers with as little information as possible. For example, instead of SELECT * FROM table the firewall could execute SELECT * FROM table WHERE 'a'='b' which doesn't return any records. Similarly, instead of DROP TABLE table, if the command SELECT * FROM xxx was used it would make the database attempt to access a non-existent table and trigger an error message.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
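
The whitelist-plus-substitution behaviour described in the quoted article, sketched as an added example (not part of the original post and not Oracle's implementation). The allowlist entries, the customers table and the function names are constructed for illustration, and the blacklist path is left out.

```python
import re

# Constructed allowlist of statement shapes (literals replaced by '?').
ALLOWED = {
    "SELECT NAME, EMAIL FROM CUSTOMERS WHERE ID = ?",
    "UPDATE CUSTOMERS SET EMAIL = ? WHERE ID = ?",
}

def fingerprint(sql):
    """Reduce a statement to its shape: literals become '?', case and spacing normalised."""
    s = re.sub(r"'(?:[^']|'')*'", "?", sql)    # string literals ('' is an escaped quote)
    s = re.sub(r"\b\d+(?:\.\d+)?\b", "?", s)    # numeric literals
    s = re.sub(r"\s+", " ", s).strip().rstrip(";").strip()
    return s.upper()

def substitute(sql):
    """Harmless replacement in the style of the two examples in the quote."""
    m = re.match(r"\s*SELECT\b.*?\bFROM\s+([A-Za-z_][A-Za-z0-9_]*)", sql, re.I | re.S)
    if m:
        # Same table, always-false predicate: empty result set, no error to learn from.
        return f"SELECT * FROM {m.group(1)} WHERE 'a'='b'"
    # Anything else: query a table assumed not to exist, so the client sees a generic error.
    return "SELECT * FROM xxx"

def decide(sql, default="substitute"):
    """Return (action, statement_to_forward); action is pass, substitute, log or block."""
    if fingerprint(sql) in ALLOWED:
        return ("pass", sql)
    if default == "substitute":
        return ("substitute", substitute(sql))
    if default == "log":
        return ("log", sql)          # forwarded unchanged, recorded for review
    return ("block", None)

if __name__ == "__main__":
    for stmt in (
        "select name, email  from customers where id = 42;",       # known shape
        "SELECT name, email FROM customers WHERE id = 42 OR 1=1",   # shape changed by extra predicate
        "DROP TABLE customers",                                     # never allowlisted
    ):
        print(decide(stmt))
```

Because the allowlist matches statement shapes rather than literal text, a different id value still passes, while an appended predicate produces a new shape and falls through to the default action.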