Once upon a time, Database Management Systems (DBMS) had only a handful of configuration options and they didn't allow the DBA many choices.
The options available were simple - naming the database instance or which storage location to use for the data files.
Today, there are a myriad of configuration options - many related to performance and enhanced feature sets. There are also many options that are either direct security settings, or that impact security.
Having the correct configuration settings could determine whether or not your critical business information is secure and whether it could be compromised.
This week, Application Security, Inc.'s Team SHATTER has identified and provided remediation methods on several configuration settings that impact security and must be addressed when a new database is installed:
- Sybase current audit table HERE
- Oracle Configuration Manager Installed on a Production System HERE
- Microsoft SQL Server PPS configuration HERE
- IBM DB2 TRUST_ALLCLNTS configuration HERE
The Team SHATTER Vulnerability of the Day series on Twitter provides you with what to check for and how to mitigate these common risks.
Stay informed. Follow @TeamSHATTER on Twitter.
Cross Posted from Database Security 3.0