Jay Mehta

1289 0

Jay-MehtaJay Mehta works as an Information Technology Director at CTIS, Inc. Rockville MD. He has over 25+ years of experience in project management, security implementation and Oracle database architecture/administration. He specializes in Oracle database security, disaster/recovery and performance tuning. He holds a master’s degree in Computer Science from Stevens Institute of Technology. His blogs can be found here.

Articles by Jay Mehta

Implement Oracle Database Firewall using Valid Node Checking

Introduction One of the Oracle Database Listener features for protecting your Oracle databases from malicious attacks from unauthorized locations is by implementing the Valid Node Checking (VNC) feature. Through this feature, access to the database can be restricted based on the IP address (or host name) of the client machine attempting to connect to the …

Oracle TNS Listener Poison Attack

Oracle TNS Listener Poison Attack

A flaw in the Oracle database listener, if not mitigated, could allow an attacker to take complete control of an Oracle database through an attack known as TNS Poison Attack. This vulnerability is remotely exploitable without authentication credentials. This classic man-in-the-middle (MITM) vulnerability has been published as security alert CVE 2012-1675 and received a CVSS …