Month: March 2011

SANS 20 Critical IT Controls #8: Controlled Use of Administrative Privileges
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS 20 Critical IT Controls #8: Controlled Use of Administrative Privileges

A common technique used b y hackers is to guess the passwords for administrative users to gain access to a server, and from there compromise vast swatches of a system. Hackers are constantly devising powerful password cracking tools to see if they could grab a system admin or network admin’s password.

SANS 20 Critical IT Controls #7: Application Software Security
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS 20 Critical IT Controls #7: Application Software Security

While strengthening your network and perimeter security does keep potential attackers away, you do want people to access your web sites and web application, of course. Unfortunately, while most users access your applications and web sites for legitimate purposes, you can’t control the user input.

SANS Critical IT Security Controls #4: Secure Configurations for Network Devices
Sam AlapatiDatabase security, DSS (Data Security Standard), Oracle database, Oracle: News You Can UseLeave a Comment on SANS Critical IT Security Controls #4: Secure Configurations for Network Devices

Network configuration includes the configuration of all network devices such as firewalls, routers and switches. Often times, an initially secure network configuration becomes somewhat insecure over time, as occasional configuration changes are made to the network to accommodate temporary needs.

In Archive