DB2 hardening

jayshah7 · #1 (**permalink**) 04-21-10, 00:41

Hi guys,

I want to harden DB2 on AIX, based on the following points :
Installation
Backup and Recovery
Monitoring
Auditing
Security

Can anyone let guide me or any valuable doc will be of gr8 help.

regards,
jay shah

dr_te_z · #2 (**permalink**) 04-21-10, 02:14

The only things I can think of:
- do not grant db2 access to "alive" users
- only grant db2 access to "task" users and do not share the passwords
- capture all housekeeping in scripts and grant execute rights by means of sudo
- use static SQL only (if possible)
- client application (really need their password) are only permitted to execute static SQL or only update the DB by means of Stored Procedures.
- applications only access userviews, no real tables. This gives you the most control by means of triggers on tables, and "instead of" triggers on views.
- do not expect to be liked by your IT collegues

jayshah7 · #3 (**permalink**) 04-21-10, 05:45

I am looking for a best practise document which will be a standard in case of any activity like installation, backup and recovery.
For eg : Logretain should be on.......

Marcus_A · #4 (**permalink**) 04-21-10, 09:42

Quote:

Originally Posted by jayshah7

I am looking for a best practise document which will be a standard in case of any activity like installation, backup and recovery.
For eg : Logretain should be on.......

I would check out the lazydba forum.

Internet Services

Web Development

Digital Marketing

Consumer Tech