topic Informix Database -- How to secure in Operating System - HP-UX

Informix Database -- How to secure

nibble — Fri, 04 Mar 2005 05:04:03 GMT

guys, can anyone point me on some docs on how to secure or apply security measures with Informix DAtabase Servers? ive tried searching, but to no avail.

tnx,

Re: Informix Database -- How to secure

Peter Godron — Fri, 04 Mar 2005 05:29:28 GMT

Hi,
could you expand a bit on what you want to do? Do you want to secure the UNIX side or try and improve Informix security?
What sort of threat do you want to secure against?
Basics would be :
Seperate dba userid
Tight file/directory access protection
Mirroring of db file disks
Password strengthening
Regards

Re: Informix Database -- How to secure

Ranjith_5 — Fri, 04 Mar 2005 05:32:29 GMT

Hi ,

The following would be helpful to you.

http://www.governmentsecurity.org/articles/DatabaseSecurityPart1.php

Regards,
Syam

Re: Informix Database -- How to secure

JJ_4 — Sat, 05 Mar 2005 14:09:53 GMT

What version of IBM Informix are you running?

There are several scripts within the 9.40.xC6 products that secure certain aspects ...

$INFORMIXDIR/etc/make-informixdir-secure

and

$INFORMIXDIR/bin/ibmifmx_security.sh

but (as previously said) you need to expand on what you want to make secure :D

Re: Informix Database -- How to secure

Bill Hassell — Sat, 05 Mar 2005 20:39:29 GMT

This is a really complex question. It all depends on what security you are trying to accomplish. Are you trying to meet HIPAA requirements or just trying to improve things? For a really secure solution, you have to move the database (the data) and the engine to another computer which is virtually inaccessible from any other network. Separation of user access from the database server is always a good idea. Make sure the DBAs haven't messed with devicefile permissions and ownerships. Raw data volumes must never be 666 or 777. And Informix (any database system) design/maintenance should never require root access. Ideally, all sysadmins must use sudo so root logins occur very seldom.

Check out Chris Wong's book on HP-UX Security. The real difficulty is locking down an existing system. Bad habits and poor code will cause problems as security is tightened.

Re: Informix Database -- How to secure

nibble — Sun, 06 Mar 2005 21:07:13 GMT

actually, its not on the OS side. its the informix database itself. i need only the standard security measures for Informix Database Server. same with standard C2/hardening compliance with OS.