Tuesday, May 1, 2012

TNS Listener Posion attack.

Oracle rushes out a security advisory with workarounds for a dangerous Database Server security flaw. It released Security Alert CVE-2012-1675
The vulnerability was orginally discovered by Joxean Koret in 2008. Oracle Database Server  versions  released in the past 13 years contain a bug that allows hackers to  monitor all data passing between the server and end users who are connected to it. Koret is said to have commented that Oracle learned of the bug in 2008 and indicated in a recent e-mail that it had no plans to fix current supported versions of the enterprise product because of concerns it could cause "regressions" in the code base.
Interestingly , the security alert provide customers with a number of technical measures to provide effective defense against this vulnerability in all deployment scenarios. It doesnot contain any patch. It is urging customers make the configuration changes documented in the  mentioned My Oracle Support Notes as soon as possible.

Title Changed -- reflects my journey

  The title "Evolving Architect: Combining Data, Design, and Project Management" captures my journey as I grow from data-centric e...