<div>
you need to find out exactly what they mean by &quot;hardened&quot;. It's too vague a term to answer
</div>


you need to find out exactly what they mean by "hardened". It's too vague a term to answer

sunhux

<div>
Can John clarify/illustrate &quot;its security is mostly regarding its physical state of the DB than the normal&quot; ?
</div>


Can John clarify/illustrate "its security is mostly regarding its physical state of the DB than the normal" ?

<div>
I mean that the protection of the Firebird database is only as good as you restrict normal file copy/paste ...if someone copies your database can open it without knowledge of your user security.
</div>


I mean that the protection of the Firebird database is only as good as you restrict normal file copy/paste ...if someone copies your database can open it without knowledge of your user security.

<div>
Thanks. &nbsp;Got another one:<br />
<br />
<a href="https://firebirdsql.org/file/documentation/reference_manuals/user_manuals/html/qsg3-config.html" rel="ugc">https://firebirdsql.org/file/documentation/reference_manuals/user_manuals/html/qsg3-config.html</a>
</div>


Thanks.  Got another one:

https://firebirdsql.org/file/documentation/reference_manuals/user_manuals/html/qsg3-config.html [https://firebirdsql.org/file/documentation/reference_manuals/user_manuals/html/qsg3-config.html]

<div>
<div class="content wysiwyg-content">
Got an audit finding that our Firebird Sql / DB is not hardened.<br />
<br />
CIS doesnt have such &nbsp;a guide &amp;&nbsp;googling only gives a 1-liner pg:<br />
<a href="https://firebirdsql.org/rlsnotesh/rnfb25-security.html" rel="ugc">https://firebirdsql.org/rlsnotesh/rnfb25-security.html</a><br />
<br />
Any where else any one can point me to?
</div>
</div>


Got an audit finding that our Firebird Sql / DB is not hardened.

CIS doesnt have such  a guide & googling only gives a 1-liner pg:
https://firebirdsql.org/rlsnotesh/rnfb25-security.html

Any where else any one can point me to?

Hardening materials for Firebird DB

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

SQL (Structured Query Language) is designed to be used in conjunction with relational database products as of a means of working with sets of data. SQL consists of data definition, data manipulation, and procedural elements. Its scope includes data insert, query, update and delete, schema creation and modification, and data access control.