auditing database

Roshan
Oracle Database 12c
Red Hat Linux 6

Hi,

After collecting some information on a production database (please find attached output), how can I check the security flaws? For example, default password should be blank (from file DBA_USERS_WITH_DEFPWD).

I have some doubts on the profile. Can you please advise.

DBA_PROFILES.ACTT
DBA_USERS_WITH_DEFPWD.ACTT
PRODUCT_USER_PROFILE.ACTT
ACTT_CONFIG_FIELDTERMINATOR.ACTT
ACTT_CONFIG_SETTINGS.ACTT
ALL_SCHEDULER_RUNNING_JOBS.ACTT
DBA_JOBS.ACTT
DBA_JOBS_RUNNING.ACTT

Can you please send me your email so that I can send you the compressed folder.

Regards,
Roshan

Re: auditing database

ErmanArslansOracleBlog
Administrator
Hi Roshan,

I can't analyze your log files. If you have a problem, ask it directly. Or, if you want to know something, please ask your question specifically.

Re: auditing database

Roshan
I have executed a script to collect details for auditing. Can you please advise on any flaws for password profiles?

LIMIT VARCHAR2(128)|^|PROFILE VARCHAR2(128)|^|RESOURCE_NAME VARCHAR2(32)|^|RESOURCE_TYPE VARCHAR2(8)
DEFAULT|^|CBS_USER|^|COMPOSITE_LIMIT|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|COMPOSITE_LIMIT|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|COMPOSITE_LIMIT|^|KERNEL
UNLIMITED|^|DEFAULT|^|COMPOSITE_LIMIT|^|KERNEL
DEFAULT|^|CBS_USER|^|SESSIONS_PER_USER|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|SESSIONS_PER_USER|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|SESSIONS_PER_USER|^|KERNEL
UNLIMITED|^|DEFAULT|^|SESSIONS_PER_USER|^|KERNEL
DEFAULT|^|CBS_USER|^|CPU_PER_SESSION|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|CPU_PER_SESSION|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|CPU_PER_SESSION|^|KERNEL
UNLIMITED|^|DEFAULT|^|CPU_PER_SESSION|^|KERNEL
UNLIMITED|^|CBS_USER|^|CPU_PER_CALL|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|CPU_PER_CALL|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|CPU_PER_CALL|^|KERNEL
UNLIMITED|^|DEFAULT|^|CPU_PER_CALL|^|KERNEL
DEFAULT|^|CBS_USER|^|LOGICAL_READS_PER_SESSION|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|LOGICAL_READS_PER_SESSION|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|LOGICAL_READS_PER_SESSION|^|KERNEL
UNLIMITED|^|DEFAULT|^|LOGICAL_READS_PER_SESSION|^|KERNEL
DEFAULT|^|CBS_USER|^|LOGICAL_READS_PER_CALL|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|LOGICAL_READS_PER_CALL|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|LOGICAL_READS_PER_CALL|^|KERNEL
UNLIMITED|^|DEFAULT|^|LOGICAL_READS_PER_CALL|^|KERNEL
DEFAULT|^|CBS_USER|^|IDLE_TIME|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|IDLE_TIME|^|KERNEL
15|^|ORA_STIG_PROFILE|^|IDLE_TIME|^|KERNEL
UNLIMITED|^|DEFAULT|^|IDLE_TIME|^|KERNEL
UNLIMITED|^|CBS_USER|^|CONNECT_TIME|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|CONNECT_TIME|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|CONNECT_TIME|^|KERNEL
UNLIMITED|^|DEFAULT|^|CONNECT_TIME|^|KERNEL
DEFAULT|^|CBS_USER|^|PRIVATE_SGA|^|KERNEL
DEFAULT|^|PROFILE_CBS|^|PRIVATE_SGA|^|KERNEL
DEFAULT|^|ORA_STIG_PROFILE|^|PRIVATE_SGA|^|KERNEL
UNLIMITED|^|DEFAULT|^|PRIVATE_SGA|^|KERNEL
6|^|CBS_USER|^|FAILED_LOGIN_ATTEMPTS|^|PASSWORD
10|^|PROFILE_CBS|^|FAILED_LOGIN_ATTEMPTS|^|PASSWORD
3|^|ORA_STIG_PROFILE|^|FAILED_LOGIN_ATTEMPTS|^|PASSWORD
10|^|DEFAULT|^|FAILED_LOGIN_ATTEMPTS|^|PASSWORD
120|^|CBS_USER|^|PASSWORD_LIFE_TIME|^|PASSWORD
UNLIMITED|^|PROFILE_CBS|^|PASSWORD_LIFE_TIME|^|PASSWORD
60|^|ORA_STIG_PROFILE|^|PASSWORD_LIFE_TIME|^|PASSWORD
180|^|DEFAULT|^|PASSWORD_LIFE_TIME|^|PASSWORD
UNLIMITED|^|CBS_USER|^|PASSWORD_REUSE_TIME|^|PASSWORD
10|^|PROFILE_CBS|^|PASSWORD_REUSE_TIME|^|PASSWORD
365|^|ORA_STIG_PROFILE|^|PASSWORD_REUSE_TIME|^|PASSWORD
UNLIMITED|^|DEFAULT|^|PASSWORD_REUSE_TIME|^|PASSWORD
UNLIMITED|^|CBS_USER|^|PASSWORD_REUSE_MAX|^|PASSWORD
10|^|PROFILE_CBS|^|PASSWORD_REUSE_MAX|^|PASSWORD
10|^|ORA_STIG_PROFILE|^|PASSWORD_REUSE_MAX|^|PASSWORD
UNLIMITED|^|DEFAULT|^|PASSWORD_REUSE_MAX|^|PASSWORD
ORA12C_VERIFY_FUNCTION|^|CBS_USER|^|PASSWORD_VERIFY_FUNCTION|^|PASSWORD
ORA12C_VERIFY_FUNCTION|^|PROFILE_CBS|^|PASSWORD_VERIFY_FUNCTION|^|PASSWORD
ORA12C_STRONG_VERIFY_FUNCTION|^|ORA_STIG_PROFILE|^|PASSWORD_VERIFY_FUNCTION|^|PASSWORD
ORA12C_VERIFY_FUNCTION|^|DEFAULT|^|PASSWORD_VERIFY_FUNCTION|^|PASSWORD
1|^|CBS_USER|^|PASSWORD_LOCK_TIME|^|PASSWORD
.0006|^|PROFILE_CBS|^|PASSWORD_LOCK_TIME|^|PASSWORD
UNLIMITED|^|ORA_STIG_PROFILE|^|PASSWORD_LOCK_TIME|^|PASSWORD
1|^|DEFAULT|^|PASSWORD_LOCK_TIME|^|PASSWORD
7|^|CBS_USER|^|PASSWORD_GRACE_TIME|^|PASSWORD
UNLIMITED|^|PROFILE_CBS|^|PASSWORD_GRACE_TIME|^|PASSWORD
5|^|ORA_STIG_PROFILE|^|PASSWORD_GRACE_TIME|^|PASSWORD
7|^|DEFAULT|^|PASSWORD_GRACE_TIME|^|PASSWORD

Regards,

Roshan
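One way to read an export like the one posted above, as an added example that is not part of the thread or any poster's script: it parses the `|^|`-delimited DBA_PROFILES rows, resolves each `DEFAULT` limit to the value in the DEFAULT profile, and lists password settings for a reviewer to check. The function names and the review criteria (non-expiring passwords, unrestricted reuse, a lock shorter than one minute) are assumptions of this example, not a standard from the thread.

```python
SEP = "|^|"
# Subset of the DBA_PROFILES rows posted in the thread, embedded so this runs offline.
SAMPLE = """\
LIMIT VARCHAR2(128)|^|PROFILE VARCHAR2(128)|^|RESOURCE_NAME VARCHAR2(32)|^|RESOURCE_TYPE VARCHAR2(8)
DEFAULT|^|CBS_USER|^|IDLE_TIME|^|KERNEL
UNLIMITED|^|DEFAULT|^|IDLE_TIME|^|KERNEL
120|^|CBS_USER|^|PASSWORD_LIFE_TIME|^|PASSWORD
UNLIMITED|^|PROFILE_CBS|^|PASSWORD_LIFE_TIME|^|PASSWORD
180|^|DEFAULT|^|PASSWORD_LIFE_TIME|^|PASSWORD
UNLIMITED|^|CBS_USER|^|PASSWORD_REUSE_TIME|^|PASSWORD
10|^|PROFILE_CBS|^|PASSWORD_REUSE_TIME|^|PASSWORD
UNLIMITED|^|CBS_USER|^|PASSWORD_REUSE_MAX|^|PASSWORD
10|^|PROFILE_CBS|^|PASSWORD_REUSE_MAX|^|PASSWORD
.0006|^|PROFILE_CBS|^|PASSWORD_LOCK_TIME|^|PASSWORD
1|^|DEFAULT|^|PASSWORD_LOCK_TIME|^|PASSWORD
"""

def parse(text):
    """Return {profile: {resource_name: limit}} from the |^|-delimited export."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    cols = [h.split()[0] for h in lines[0].split(SEP)]  # "LIMIT VARCHAR2(128)" -> "LIMIT"
    profiles = {}
    for line in lines[1:]:
        row = dict(zip(cols, (f.strip() for f in line.split(SEP))))
        profiles.setdefault(row["PROFILE"], {})[row["RESOURCE_NAME"]] = row["LIMIT"]
    return profiles

def effective(profiles):
    """A limit of DEFAULT inherits the value set in the DEFAULT profile."""
    base = profiles.get("DEFAULT", {})
    return {p: {r: base.get(r, v) if v == "DEFAULT" else v for r, v in lim.items()}
            for p, lim in profiles.items()}

def review(eff):
    """List settings for a human to check; the criteria are this example's assumptions."""
    notes = []
    for p, lim in sorted(eff.items()):
        if lim.get("PASSWORD_LIFE_TIME") == "UNLIMITED":
            notes.append((p, "PASSWORD_LIFE_TIME", "passwords never expire"))
        if lim.get("PASSWORD_REUSE_TIME") == lim.get("PASSWORD_REUSE_MAX") == "UNLIMITED":
            notes.append((p, "PASSWORD_REUSE_*", "old passwords can be reused at once"))
        lock = lim.get("PASSWORD_LOCK_TIME")  # unit is days; fractions are allowed
        if lock not in (None, "UNLIMITED") and float(lock) * 1440 < 1:
            notes.append((p, "PASSWORD_LOCK_TIME", f"lock lasts {float(lock) * 86400:.0f}s"))
    return notes

if __name__ == "__main__":
    for profile, setting, why in review(effective(parse(SAMPLE))):
        print(f"{profile:12} {setting:20} {why}")
```

A profile only matters if accounts are assigned to it, so the result is best read alongside the PROFILE column of DBA_USERS.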

Re: auditing database

ErmanArslansOracleBlog
Administrator
That output doesn't tell much to me.

Please describe the following:
1) your goal (in detail)
2) documentation you followed
3) exact steps you took
4) the script you executed (for this specific case), name of it + the document that references it.
5) the output produced (for this specific case)