security
Spokey Elsewhere
Submitted by Spokey on Wed, 2008-08-06 15:24. Under: security | spokey elsewhereAt IBM Database Magazine: Just how difficult is it to retro-fit an auditable security framework?
Speaking about Auditing...
Submitted by Spokey on Thu, 2008-07-31 18:29. Under: auditing | informix | scripts | securityThere is a very useful script from Jonathan Leffler available here.
A closer look at the "Security and Compliance Solutions for IBM Informix Dynamic Server" RedBook
Submitted by Spokey on Thu, 2008-07-31 17:55. Under: informix | redbook | securityI mentioned this RedBook in one of my earlier posts and wanted to have a closer look at it.
I remember that when I looked at the contents originally, I was surprised to see no mention of physical and only a limited discussion of file system security. The only discussion relating to file system security was around backups.
In my opinion, another omission was that there is no suggestion made of what sort of things you should audit with the onaudit program.
Some of the options are presented to the reader without any real emphasis as to which is a better option. For example, there is no mention that regular DES encryption (as opposed to Triple-DES or DES3) is not a very good option. Although it is mentioned that Electronic Cook Book (ECB) cipher mode is easy to crack, it's also not very well highlighted and didn't jump out at me. (It will leap out at you if you scan the PDF for the string "ecb", but if you were reading the article normally, it certainly wouldn't, as it's in a section called "Sample Settings". :-) )
Informix Security RedBook
Submitted by Spokey on Thu, 2008-07-24 10:45. Under: informix | redbooks | securityIBM has recently released a new RedBook, called "Security and Compliance Solutions for IBM Informix Dynamic Server"
It looks to be a comprehensive review, covering:
- Role separation;
Auditing;
SQL security;
Communication; and
Backup security
It looks well worth a read.
Security is a big issue and I don't find most people take it seriously enough. Have a look at an optimally secure system design, then look at where your environment diverges from that. Break the deficiencies into bite-sized chunks that you can address as and when you have time.
Final Version: IBM Redbook about IDS Security
Submitted by eherber on Sat, 2008-03-08 10:24. Under: education | ids | redbook | securityFinal Version: IBM Redbook about IDS Security
A new interesting Redbook Redbook has left the draft status and has been officially published:
Download the Redbook to gain an understandig on the robust and comprehensive security technology that IDS offers. IDS is IBM's safest and most performant data server for business critical data on the Linux, Unix and Windows platforms.
