Understanding Logging Priority & Options in Oracle DB

From my understanding once we switch on database logging, the entire DB goes into logging mode and generates redo logs.

I want to categorically exclude/include some tables/tablespaces from this logging as they are not required for recovery incase of failures.

Is there any priority on the logging options and to exclude certain tables/tablespaces from logging so as to reduce some of the traffic going to redo logs.

Hard Wired Man in the Middle Logging

I am wanting to set up a single logging point on my home network that logs URLs and search terms to monitor teenagers… um… activity.

I was thinking of setting up a computer between the cable modem and the router, which would capture all network traffic. The upside would be no need for arp spoofing, the downside would be you would lose specific device information for if the traffic was on a wireless tablet vs wired PC.

I have played with Kali a little, and while there are some cool things like driftnet, urlsnarf, and arpspoof, they all seem to be to target a single device, and seems most tutorials are for creating wireless hotspots.

With thousands of tools available, I am not sure where to start on this, where I am wanting basically a consolidated browser history from all devices on the network.

I have a PC with a 4 port GB network card and an SSD available with Kali installed. Is my plan of putting it between the router and modem good, or should I stick with arp spoofing past the router? The router is a Linksys 1200AC.

“Portable” MySQL and logging

I’m using "portable" Mysql(not installed and should be started by batch file) "@echo off @color B echo Starting the MySQL mysql5\bin\mysqld.exe –console –max_allowed_packet=64M"

it has inside 2db, and I want to log any queries for only one db. But I can’t find the config(lol) It has 5 configs inside: my-huge, my-innodb-heavy-4G, my-large and so on. What config should I edit?

Same session cookies for a user logging from different browser/machine

So i new to web application security and have a doubt regarding session cookies. Which is more vulnerable:

  1. Having same session cookies for a user logging in from different machine/browser

or

  1. Having different session cookies for a use logging in from different machine/browser

if possible can you provide a quick scenario how each can be exploited

Thank you

Monitor HTTPS URL logging of a specific device of a Network


Goal

The main goal is to monitor all the URL logging (HTTPS) of a specific device in my Network. So I’m decided to buy a Security tool WifiPineApple from Hak5 store.

Ex. Alexa, Chromecast, and maybe iPad.

enter image description here

Steps (Windows 10 PC)

I did :

  • configured a Network Sharing from my Ethernet to the WifiPineApple : here
  • configured Static IP to my WifiPineApple as 172.16.42.42 as required : here
  • GUI/Portal
  • login into the GUI portal, finishing the setup, root password, and SSIDs
    • allow all clients to connect
    • installed “SSLSplit” module from Community Repository, and start it

iPad

I can see the SSID being broadcasted, and connected to it. I tested the Speedtest, I got about 30 Mbps after connected.

Then, I tried to load the HTTPS site, it takes forever to load a simple page.

and the portal is not even auto refresh as they claimed it should …


Questions

  1. How good could it be to sniff the traffic that take 10 minutes to load a simple page ?
  2. Am I using WifipineApple not correctly ?
  3. Should I use a different modules for SSL Strip HTTPS traffic/request ? I’ve tried DWall, urlsnarf, buy they also works very sluggish and only works for HTTP.
  4. Should I look into other options since WifipineApple, not being so efficient?
  5. With my Network diagram in mind, should I look a better tools/applications like maybe spin up another router in between the router & the modem ?

Expecation

To reiterate my goal, my expectation is very simple, I want to see the URL logs of all the sites requested by my iPad at the particular moment. I can care less about these information header, body, payload, and even credentials, I only care about requested URLs or history.

If anyone has any suggestions for me, I would love to take your advice.

Is logging number of special characters in password a bad idea?

Recently I started new work, and going through documentation and code to understand what company is doing. While doing that, I noticed there is logged number of special characters in his password.

Personally, I don’t think it is good idea as disclose some information regarding password, especially for users who didn’t used any special characters. From other hand, this issue wasn’t picked up by pen testers.

I was wonder, is it me being too paranoiac and this is not a real issue, or it is a issue which was overlooked during pentesting.

Yahoo! Mail logging in with 2FA code only

I came across a serious issue with Yahoo! Mail that I hope someone would help to fix or raise awareness for.

I wanted to create an account on Yahoo! Mail. I entered my phone number to the Yahoo! login, and it asked me if I wanted to receive an access key. So I did that, and typed in the access key… Surprise, I logged in ACCIDENTALLY to the Yahoo! Mail of the previous owner of my current phone number! Someone had used the same phone number years ago and connected it to his Yahoo! mail, and once he stopped using the phone number it eventually was bought by me, and I used this phone number to gain access to his email! Yahoo! didn’t even ask me for a name or email, just access to the phone number, and I was able to access his email. I immediately logged out.

Is this a normal thing? Looks like a very serious privacy issue… and Yahoo! could fix it just by requiring the person to enter the full name or email.