|
Archived Security Articles
|
18 Jul 2011
|
Secure Administration of Oracle VM Server for SPARC (Logical Domains) [24361]
Separation of Function Is Critical in Virtual Environment, Jeff Savit Argues
In his blog post "Secure administration of Oracle VM Server for SPARC (Logical Domains)" Jeff Savit describes how to use RBAC to secure an Oracle VM Server for SPARC system by eliminating use of the root userid and restricting power to specific users and roles when they need them. That step, along with restricting which userids can log into a control domain in the first place, should be considered for any domain environment, he contends.
Other tasks one may wish to consider include using RBAC to control access to guest domains consoles and to enable security auditing, he adds. OVMSS Security, Savit writes, provides the necessary separation of function that is especially critical in a virtual machine environment. He concludes that reference information for the tasks in his blog can be found in Chapter 3 of the Oracle VM Server Administration Guide.
(Get More Information . .)
|
|
21 Jun 2011
|
Protect Your Applications with Oracle Solaris Security [24266]
Solaris 11 Express version of Solaris security lab
Yet another addition to Oracle's Hands-on Labs series is "Protect Your Applications with Oracle Solaris Security," which examines privileges, RBAC (Rights and Authorizations) and integration with SMF (Service Management Facility). Students are assumed to have completed the lab "Installing oracle Solaris 11 Express in Oracle VM Virtual Box." There are four lab exercises:
- Introduction to Solaris RBAC and Privileges
- A closer look at Solaris Privileges
- Process privileges and rights
- SMF.process privileges and authorizations
Completion time for all four is approximately one hour.
(Get More Information . .)
|
|
15 Jun 2011
|
Using Sophos Anti-Virus for Virus Scanning on the Sun ZFS Storage Appliance [24257]
A How-to for Instainstalling and Configuring the Solution on Microsoft Windows, Linux, and UNIX
"Using Sophos Anti-Virus with the Sun ZFS Storage Appliance" is an article by Thomas Hanvey that describes a scalable and reliable virus scanning solution (Sophos Anti-Virus) for protecting valuable data stored on network attached storage devices. Directions are provided for installing and configuring the solution on Microsoft Windows, Linux, and UNIX operating systems for use as a virus scan engine with the Sun ZFS Storage Appliance VSCAN service.Some of the key benefits to using this solution are that users can offload the burden of scanning the files onto the the ZFSSA, thereby reducing network traffic, while taking advantage of the ZFSSA's hardware to perform scanning of files. According to Hanvey, users can move the file scanning task to the Sun ZFS Storage Appliance, reducing network traffic, while taking advantage of the Sun ZFS Storage Appliances integrated VSCAN virus scanning service to manage disposition of files based on scan results from Sophos Anti-Virus. He notes that the solution has been certified by Sophos and Oracle to detect viruses, worms, and Trojan horses in files of all major file types, including mobile code and compressed file formats, ensuring fast virus resolution to reduce the risk of financial, data, and productivity loss.
(Get More Information . .)
|
|
13 Jun 2011
|
DoD Compliant Disk Wipe with Solaris [24250]
Erasing Disks Securely
From the Oracle blogs site comes a post by Stefan Hinker on securely erasing disks, that reminds readers it is possible using Solaris to erase disks sufficiently completely that the method satisfies the requirements of Department of Defense wipe disk standard 5220.22-M. Hinker includes links to the manpage of format(1M) and to the Data remanence article on Wikipedia. He also adds a caution that this method does not work well with all SSDs.
(Get More Information . .)
|
|
09 Jun 2011
|
Oracle Issues 17 Fixes for Java SE Platform [24247]
Oracle Java SE Critical Patch Update Advisory - June 2011
The June 2011 Java SE Critical Patch Update Advisory alters users to 17 new security fixes across Java SE products. The affected product releases and versions are:
- JDK and JRE 6 Update 25 and earlier
- JDK 5.0 Update 29 and earlier
- SDK 1.4.2_31 and earlier
The next Oracle Java SE Critical Patch Updates will be released on October 18, 2011; February 14, 2012; and June 12, 2012.
As always, Oracle advises installation of the 17 patches in this update as soon as possible to avoid exploitation of vulnerabilities. Given the reported increase in the number of cyberattacks against Java as reported by Microsoft and noted in infosecurity-us.com these patches will be seen as timely.
(Get More Information . .)
|
|
12 Apr 2011
|
Oracle Internet Directory 11g and Oracle Exadata Database Machine [24084]
Combination Provides Linear Scalability
The Oracle white paper Oracle Internet Directory 11g and Oracle Exadata Database Machine in the Facebook Age reports on how the unique architecture of Oracle Internet Directory 11g allows it to scale virtually linearly based on the available hardware. Oracle Exadata Database Machine exhibits virtually the same trait, making the combination of these two products the most optimal future-proof directory solution currently available. Oracle projects that, with the appropriate hardware and network configuration, this combination can successfully scale to meet requirements exceeding 1,000,000 ops/sec, easily besting Facebook's current capacity.
(Get More Information . .)
|
|
|
|
|
