Oracle Forensics and Incident Response - databasesecurity.com

Oracle Forensics

Since the state of California passed the Database Security Breach Notification Act (SB 1386) in 2003 another 34 states have passed similar legislation with more set to follow.
In January 2007 TJX announced they had suffered a database security breach with 45.6 million credits card details stolen ? the largest known breach so far.
In 2006 there were 335 publicized breaches in the U.S.; in 2005 there were 116 publicized breaches; between 1st January and March 31st of 2007, a 90 day period, there have been 85 breaches publicized.
Never has Oracle forensics and incident response been so important. These papers should help forensic examiners and incident responders to find evidence after a database intrusion has occured.

[Tell databasesecurity.com about another paper or tool]

Title: Oracle Forensics DDLDump
Author: David Litchfield, V3RITY LTD
Type: pdf
[Original]

Title: Oracle Forensics Part 7: Using the Oracle System Change Number in Forensic Examinations
Author: David Litchfield, NGSSoftware
Type: pdf
[Original]

Title: Cadfile
Author: David Litchfield, NGSSoftware
Type: Tool
[No Mirror] [Original]

Title: Oracle Forensics
Author: Pete Finnigan, PeteFinnigan.com
Type: Slides / pdf
[No Mirror] [Original]

Title: Oracle Forensics Part 6: Examining Undo Segments, Flashback and the Oracle Recycle Bin
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics Part 5: Finding Evidence of Data Theft in the Absence of Auditing
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Blackhat 2007: Oracle Forensics
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics Part 4: Live Response
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics Part 3: Isolating Evidence of Attacks Against the Authentication Mechanism
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics Part 2: Locating Dropped Objects
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics Part 1: Dissecting the Redo Logs
Author: David Litchfield, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics in a Nutshell
Author: Paul Wright, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Database Forensics using Logminer
Author: Paul Wright, NGSSoftware
Type: Whitepaper / pdf
[Mirror] [Original]

Title: Oracle Forensics: Collecting Evidence After an Attack
Author: Aaron Newman, Appsecinc
Type: Powerpoint
[Mirror] [Original]

Copyright © 2001- 2005 databasesecurity.com. All rights reserved.