SCORE Oracle v3.1

index Name of precautionary measure
1.00.00 Host Operating System security Issues

1.01.01 Oracle software permissions
1.01.02 Lock Oracle account
1.01.03 Do not name Oracle software owner account
"oracle"
1.01.04 Limit access to software owner account
1.01.05 Use separate owner for listener from database
software
1.01.06 secure or remove DBSNMP
1.02.02 set umask value to a secure value
1.02.03 Check owner and group for all files in
$ORACLE_HOME
1.02.04 Windows file permissions and type.
1.02.05 Location of temp directories TMP_DIR,
TMPDIR and TEMP
1.02.06 Check windows groups used for
ORACLE_HOME and ORACLE_BASE
1.03.01 Audit membership of OSDBA and root group
1.03.02 Ensure Oracle is not in the root group
1.03.03 Dont use dba name for the OSDBA group
1.03.04 Dont use the name ORA_DBA for the OSDBA
group on Microsoft.
1.04.01 Check trace file permissions
1.04.02 Remove tkprof from production db
1.04.03 disable the otrace utility
1.04.04 Check permissions of the datafiles
1.04.05 Regulary audit Oracle log files
1.04.06 Check for sensitive temporary files
1.04.07 Check for tertiary trace files
1.04.08 Check for remote data access files (RDA)
1.04.09 Raw device permissions
1.05.01 Usernames/ passwords in process list
1.05.02 Restrict the ps command
1.05.03 Restrict shell history files for usernames and
passwords
1.06.01 Secure network communications
1.06.02 set ORA_ENCRYPT_LOGIN to TRUE
set DBLINK_ENCRYPT_LOGIN to TRUE
1.06.03 Secure password transmission on the server
1.06.04 Secure password transmission on the client
1.06.05 JDBC thin minimum permissions
1.07.01 Permissions on Oracle SUID and SGID files
1.07.02 Remove SUID and SGID files in
$ORACLE_HOME
1.08.01 Check environment variables for usernames
and password
1.08.02 Audit the machine for scripts containing
usernames and passwords
1.08.03 Audit cron for usernames and passwords
1.08.04 Audit client machines for configuration files
containing usernames and passwords
1.08.05 Remove db creation scripts
1.09.01 Use O/S auditing facilities
1.09.02 Save log files to a separate server using Syslog
or Windows event viewer
1.09.03 Integrity check O/S files used by Oracle
1.09.04 host based IDS
1.09.05 Review expected processes regularly
1.10.01 monitor and set control file permissions
1.11.01 Check who is creating trace files and audit their
presence
1.11.02 Audit trace files for attempts to read database
internal structures
1.11.03 Ensure no user has ALTER SESSION and
ALTER SYSTEM privileges
1.12.01 Audit for export file existence
1.12.02 Changing database passwords after full import
1.13.01 Locate archive log files and check no user
except ORACLE can read them
1.13.02 Save archivelog files to disk
1.14.01 Audit external tables
1.15.01 remove access to native PL/SQL compilation in
production
1.16.00 Be aware of key files containing hashes or
passwords or other sensitive information
1.17.01 Password protected listener can be shut down
via the OS on Windows
2.00.00 Oracle Authentication
2.01.01 Audit database users activities
2.01.02 Audit application database logins
2.01.03 Check users database passwords
2.01.04 prevents users from sharing account IDs
2.01.05 Use proxy authentication to help resolve SSO
issues
2.02.01 Audit default database accounts
2.02.010 Modify Oracle scripts for default accounts that
are used
2.02.02 Add password management for default
accounts
2.02.03 Audit internal alias login
2.02.04 Audit non database Oracle passwords
2.02.05 Change sys password and system password
2.02.06 Change
2.02.07 Create business process to audit default
accounts regularly
2.02.08 Disable remote login password file parameter
2.02.09 Check use of system tablespace by default and
SYSTEM users.
2.02.11 Audit known default role passwords
2.03.01 Audit users accounts for passwords same as
username
2.03.02 Audit users accounts for weak passwords
2.03.03 Lock dormant database accounts and remove
after time delay
2.03.04 Stop personal data exposure on users accounts
2.03.05 Use obfuscated naming convention for users
accounts
2.03.06 Use LDAP for external authentication
2.03.07 Tie db accounts to users
2.04.01 Secure remote password login file
2.05.01 Change SID and service name for third-party
applications
2.06.01 Check separate applications authentication
systems
3.00.00 Oracle Access Controls
3.01.01 Check utl_file_dir parameter
3.01.02 Check dbms_backup_restore package
permissions
3.01.03 Audit Java access to the O/S
3.01.04 Be aware of how Java and Oracle interact
3.01.05 Secure Con Text
3.01.06 Remove oo4o if not needed
3.02.01 Remove PUBLIC select on ALL_USERS
3.02.02 Secure all ALL_% views
3.03.01 secure or remove extproc
3.04.01 Understand Data Access Descriptor
administration
3.05.01 Check access to catalog roles
3.05.02 Check access to dba role views
3.05.03 Password protect admin roles
3.05.04 Check role hierarchy depth
3.05.05 Adopt role naming conventions
3.05.06 Create a role to manage users accounts
3.06.01 Database in archivelog mode?
3.06.02 Check user_dump_dest is valid
3.06.03 Check background_dump_dest is valid
3.06.04 Check core_dump_dest is valid
3.06.05 Check that global_names is true
3.06.06 Check that log_archive_start is set to true
3.06.07 Check max_enabled_roles less than 30
3.06.08 Check that os_authent_prefix is set to (null
string).
3.06.09 Check that os_roles is set to false
3.06.10 Check that O7_dictionary_accessibility is set to
false
3.06.11 Check that remote_os_authent is set to false
3.06.12 Check that remote_os_roles is set to false
3.06.13 Periodically confirm parameters in database are
the same as the configuration file
3.06.14 Check IFILE and the contents of files pointed to
by IFILE
3.06.15 Audit remote_listener
3.06.16 Check that pfile and spfile can only be written to
and read by the software owner.
3.06.17 Audit exempt access policy privilege
3.06.18 Check record locking parameters
3.06.19 Check for SQL92_security
3.07.01 Non sys objects in system tablespace
3.08.01 Check for users who have dba privilege
3.08.02 users or roles granted ALL PRIVILEGES or too
many privileges
3.08.03 ANY privileges
3.08.04 WITH ADMIN or "WITH GRANT" privileges
3.08.05 Check for privileges granted WITH GRANT
3.08.06 system privileges granted
3.08.07 Check for application objects owned by
privileged users
3.08.08 Check for direct access granted to tables and
objects rather than through ROLES
3.08.09 CREATE LIBRARY privilege
3.08.10 Use roles to access underlying database
objects
3.08.11 Audit access privileges on objects
3.08.12 Use Integrity constraints
3.08.13 Use triggers to insert critical data
3.08.14 Restrict users to one role at once
3.08.15 BECOME USER privilege
3.08.16 CREATE ANY DIRECTORY privilege
3.08.17 CREATE ANY JOB privilege
3.09.01 Check for EXTERNAL users and also DBA
3.09.02 Check for external users who are dba
3.09.03 Check for external users who have ALL
PRIVILEGES
3.09.04 Ensure external users have the least privileges
possible
3.09.05 Do not use remote host based authentication
3.09.06 Check that no external users have SYSDBA or
SYSOPER
3.10.01 Revoke public execute privilege on utl_file
3.10.02 Revoke public execute privilege on utl_tcp
3.10.03 Revoke public execute privilege on utl_http
3.10.04 Revoke public privilege on utl_smtp
3.10.05 Audit public execute privileges on sys owned
packages.
3.10.06 Revoke the public execute privilege on
dbms_random.
3.10.07 Revoke the public execute privilege on
dbms_lob
3.10.08 Revoke any privileges on dbms_sql and
dbms_sys_sql granted
3.10.09 Audit packages available via a database link
3.10.10 Use invokers rights PL/SQL procedures
3.10.11 Check DIRECTORY objects
3.10.12 Revoke execute privileges on sys.initjvmaux
3.10.13 Revoke public execute privilege on dbms_job
3.10.14 Revoke public execute privilege on
dbms_scheduler
3.10.15 Revoke public execute privilege on owa_util
3.11.01 Use ROLES instead of directly granted
privileges where possible
3.11.02 Access tables through packages or roles.
3.12.01 Change system users default tablespace.
3.12.02 Change users default and temporary
tablespaces
3.13.01 Revoke the RESOURCE role from users
3.13.02 Revoke the CONNECT role
3.13.03 Add passwords to administrative roles
3.13.04 Revoke all from PUBLIC that's not needed
3.14.01 Set password lifetime in profile to 60
3.14.02 Set password grace time to 3
3.14.03 Set password reuse max to 20
3.14.04 Set failed login attempts to 5
3.14.05 Set up profiles for database users
3.14.06 Set up general profile parameters
3.15.01 Set _trace_files_public to false
3.15.02 Review initialisation parameters
3.15.03 Ensure system triggers fire
3.16.01 Audit tablespaces for Rogue objects and
whether autoextensible.
3.17.01 Check each user has a tablespace quota
3.17.02 Establish different users for schema
management and data management
3.18.01 Set up naming conventions for schema owners
and administrators and users
3.19.01 Check for triggers on others tables
3.20.01 Audit access to critical sys/dba owned tables
and views with oracle passwords
3.20.02 Audit access to all dba and sys owned views
3.20.03 Revoke SELECT ANY TABLE
3.21.01 Revoke object creation privileges from all but
schema owners and DBAs
3.21.02 Audit general users object access
3.22.01 Audit views to ensure correct access
3.23.01 LOCK SYS and SYSTEM and create new DBA
accounts
3.24.01 07_DICTIONARY_ACCESSIBILITY =FALSE
3.25.01 Prevent the dba from reading application data
3.26.01 Audit integration and server to sever
communications
3.27.01 Disable unneeded TCP ports.
3.28.01 Audit and secure statspack
4.00.00 Auditing
4.01.01 Configure audit and storage.
4.02.01 Audit failures on critical objects
4.02.02 Use triggers to capture login events
4.03.01 Audit create session
4.03.02 Audit use of all
4.03.03 Audit the use of all drop statements
4.03.04 Audit the use of all alter statements
4.03.05 Audit the use of create user
4.03.06 Audit use of create role
4.03.07 Audit all create statements
4.03.08 Review audit logs
4.03.09 Use Log Miner to audit in the case of forensics
4.04.01 Configure basic audit
4.04.02 Limit users who can change the audit
4.04.03 Protect,backup and purge the audit trail
4.04.04 Backup the audit trail
4.04.05 Purge the audit trail
4.04.06 Audit all SYS operations
4.05.01 Check date / time stamps on database objects
4.06.01 Ensure reports and alerts are in place to deal
with irregularities found through audit
4.07.01 Use triggers for row level auditing upto 8i
4.07.02 VPD, RLS and label security
4.08.01 Be aware of possible failure to be alerted of
suspicious activities
4.09.01 Be aware of possible failure to audit the security
profile.
4.10.01 Monitor Other Oracle generated log files
5.00.00 Networking
5.01.01 listener Password and Admin restrictions
5.01.02 Prevent remote dba access on sql*net v1
5.01.03 Audit the listener.ora file
5.01.04 Enable shared sockets
5.01.05 Use a firewall to protect the Oracle server
5.01.06 Change the standard listener ports 1521, 1526
5.01.07 Change the names of the SID and Listener
5.01.08 Do not use hostnames in listener.ora In small
environments.
5.01.09 Use a personal firewall on database
administrator computers
5.01.10 Secure listener.ora at the O/S level
5.01.11 listener logging enabled
5.02.01 Restrict sources of connections
5.02.02 Use connection manager to restrict by source
5.03.01 Set the listener password
5.04.01 Restrict listener banner information
5.05.01 Use a firewall to protect the Oracle server.
5.06.01 Audit Oracle client file permissions
5.06.02 Audit client configuration file contents
5.06.03 Audit the listener and sqlnet files on the server
5.07.01 database links
5.07.02 Discover what objects can be seen in the linked
database
5.07.03 Create a policy to manage database links
5.07.04 Database link user should not be a dba
5.07.05 Audit what links exist into and from the
database
5.08.01 Confirm the file permissions in the network
admin directory
5.08.02 Add only minimum configuration files to all
clients
5.09.01 Keep up to date with Oracle listener
vulnerabilities and patch
5.10.01 Secure remote dba access to the server
5.10.02 Use an application gateway firewall
5.11.01 Set server to dedicated in the tnsnames.ora file
5.11.02 Oracle ports scan
5.12.01 intelligent agent
5.12.02 Protect clear text passwords for SNMP
5.13.01 encrypt data transfer
5.13.02 Enable SSL to protect client transmissions
6.00.00 Availability / backup / Recovery
6.01.01 Backup and recovery procedures
6.01.02 Document recovery procedures
6.01.03 Store backup media off site
6.01.04 Schedule cold backups
6.01.05 Validate the backup media regularly
6.01.06 Do not allow backups to be available on-line
6.01.07 Create and use media retrieval procedures
6.02.01 On line redo logs mirroring
6.03.01 Ensure the database is in archive log mode and
protected
6.03.02 -
6.03.03 -
6.04.01 Separate the Oracle software from data and
from on-line redo and archive
6.04.02 Keep Oracle data files on separate disks
6.04.03 Use OFA
6.04.04 Use striping and mirroring or RAID for Oracle
data
6.05.01 Destroy old disks that have contained database
data.
6.06.01 Document and review disaster recovery
procedures
6.06.02 Include business users in disaster recovery
planning
7.00.00 Application Development
7.01.01 wrap PL/SQL code in the database
7.01.02 Checksum all PL/SQL objects in the database
7.01.03 Audit PL/SQL code for hard coded usernames
and passwords
7.01.04 Audit PL/SQL code for possible SQL injection
attacks
7.01.05 Ensure as little information as possible about
schema structure is available from the code in
Oracle
7.01.06 Pre-compile Java code before loading into the
database
7.02.01 Secure accounts accessing through ODBC
7.02.02 Implement procedures to limit which
applications can access the database and from
where
7.02.03 Audit software/admin tools accessing the
database
7.03.01 When decommissioning old applications
remove all binaries and files
7.04.01 Review procedures for adding new applications
7.05.01 Establish procedures for movers, -rs and joiners
7.06.01 Audit application file permissions
7.07.01 Audit application development on production
databases
7.08.01 ad-hoc queries against production database
7.09.01 test and development databases
7.09.02 Check for database links with access to
production databases from development or test
systems
7.09.03 Ensure live data held in test or development is
mangled or obfuscated.
7.09.04 Do not locate test and development databases
on the same server as production
7.09.05 Ensure there is no access from test and
development to production
7.09.06 No developer access to production
7.09.07 No developer database accounts should exist
on production database
7.09.08 Backups and exports copy passwords to test
and development ensure they are not the
same
7.09.09 Place development and test on different
network segment to production
7.10.01 non application objects in application
tablespaces
7.10.02 Ensure no privileged user owns application
objects
7.11.01 Resources used by the database
7.12.01 Application authenticaion vs Oracle
authentication
7.12.02 Do not use one database login to authenticate
all users
7.13.01 Do not use schema owners for administration
tasks
7.13.02 Ensure the schema owner is not a dba
7.13.03 Lock schema owner accounts
7.14.01 Audit public synonyms
7.15.01 Hard coded usernames and passwords in
applications
7.15.02 Consider not using Java
7.15.03 Do not allow applications to change the schema
7.16.01 Batch processes
7.16.02 Do not use external accounts for batch
processes
7.16.03 Consider password retrieval and use in
schedulers
7.16.04 Enable batch database accounts only when
needed
7.17.01 Product user profile in SQL*Plus
7.17.02 Audit query tool privileges
7.18.01 Encrypt critical data
7.19.01 Audit generated applications for known
weaknesses
7.19.02 Audit public libraries used for know
vulnerabilities
7.20.01 Use change control
7.21.01 Audit use of advance queues
7.22.01 Audit client access and dev tools
7.23.01 Ensure no tool offers better access to the
database than the application
7.24.01 Checksum application files for Trojans
7.25.01 Start the Oracle HTTP Server as a non
privileged user
7.25.02 Configure HTTPS and secure the listener
7.25.03 Add authentication for users
7.25.04 Set HTTP passwords
7.25.05 Configure product user profile for iSQL*Plus
7.25.06 Restrict databases that can be accessed
7.25.07 Disable iSQL*Plus on production servers
7.27.01 remove debugger privileges
7.28.01 Be careful to sanitise data for external use
8.00.00 Apply latest patch and keep up to date with
vulnerabilities
Credits: Thanks to David Litchfield and Pete
Finnigan as well as all the SANS oracle security
team led by Paul Wright.
The threat that it mitigates
attacker taking control of files that should be owned by Oracle account
Check OS file permissions in $ORACLE_HOME/bin and $ORACLE_HOME
and should all be owned by ORACLE and group membership checked and
recorded.OTHER group was able to edit the binaries used to run oracle then
a denial of service could be easily mounted. Also malicous binaries could be
written over the actual b inaries.
attacker taking over the oracle account and using it maliciously
attacker knowing the account name makes it quicker to attack that account
lack of identity trail i.e. who is it that is logging on as oracle
attacker gaining control of listener allows control of database
DBSNMP can read user$ as it has the SELECT ANY DICTIONARY privilege .
It has a default account/pass so common way into the database. DBSNMP is
the user account that the Oracle Intelligent agent uses which has to be able to
login remotely and automatically for the intelligent agent functionality to work.
means that files created by the ORACLE acount will have secure permissions
by default.
-
This will prevent malicious access to the Oracle software on the server as
long as the normal Windows hardening procedures are also taken.
Oracle installation requires a temp directory. Should not use /tmp as
permissions are open. Therefore set TMP_DIR and TMPDIR variables to
more secure locations which only ORACLE account should have permission
to read, write and execute .
-
should not contain root account or other low privileged users as OSDBA
maps to SYS AS SYSDBA which is the most powerful user/role combination
in the Oracle database. OSDBA can shutdown the whole database. Also
make sure ORACLE is not a member of the root group.
-
dba is the generic group name for the OS dba group and this should not be
used as it known and would make attacking the OS easier.
manually create a group that is not called ORA_DBA for the ORACLE group
-
tkprof is used to read trace files and should be used off the production server
otrace has known security issues and also performance issues as the .dat
files it uses can grow to be very large.
The datafiles (.dbf) hold the actual persistent data and need to be protected
In order to recognise suspicious activity in the database the dba should
monitor all log files which are kept historically for a set period of time.
-
-
RDA files contain a lot of internal connection details and are uploaded to
oracle support in an insecure manner. This input should be sanitised before
sending to Oracle support.
Oracle raw devices should have minimum permissions so only Oracle can
use them.
In UNIX the usernames and passwords that scripts are being run under may
show when running the ps -ef command. This is a well known issue as an
attacker could simply read these credentials and then impersonate that user.
-
shell history recalls the previous commands but could also show an attacker a
username password combination e.g sqlplus scott/tiger
TNS sends much information in the clear such as the version number of the
database. SQL*PLUS username/password via Oracle Authentication is
encrypted but it has been broken by NGS and our recommendation is to use
SSH for client to server communications and IPSEC for permanent
server/server connections. Oracle Advanced Security is a more expensive
option to the above.
This is a link that discusses the weaknesses of Oracles network
authentication mechanism. http://www.fors.com/eoug97/papers/0356.htm
An attacker can force a second non-encrypted login which is defended by
setting this parameter
-
-
jdbc thin drive transmits clear text error message including username and
encrypted password and possibly used therefore set minimum privileges for
users with thin client access.
older versions of oracle 8 have many SETUID and SGID binaries most of
which can be removed either by permission or completely.
Dbnsmp is SUID root and should either be removed or changed.
The users environment may contain usernames and passwords to make
scripts work easily
automated scripts have to work as a user which may be hardcoded into a
script. Check cron jobs too.
-
-
The database configuration assistant can be used to create databases but
also creates scripts with username /passwords that are insecure.
OS auditing can be useful for Oracle to see what the OSDBA, OSOPER
groups and ORACLE user have been doing.
correlated log analysis is a growing requirement in large enterprises so that
events can followed over many systems. This may be a hack or a system
failure. This requires synchronised time.
-
-
a process list can show programs that are not meant to be running. One of
these may be malicious
attacker editing the control files which are needed for Oracle to work
trace files can contain sensitive data such as the ability to read internal
database structures and be dumped by anyone with ALTER SESSION
privilege. Audit the presence of check files to make sure no unauthorised user
is doing so and that no unauthorised user can read trace files created.
-
ALTER SYTEM allows the trace and dump directories to be changed and
ALTER SESSION privilege allows the database structures to be dumped.
Attacker may either export the db's data including SYS.USER$ passwords or
be able to read a legitimate export which could be imported into the attackers
own database.
-
The redo logs are a record of the SQL commands needed to return the
database to a previous state and may be archived preferably remotely in
order to facilitate a backup recovery. This data is precious and should be
protected.
-
External tables are a link to the OS which allow database user to modify OS
file and OS user to modify database file if the permissions allow. Therefore
the permission/privileges of these external tables should be checked at both
ends. This is not as serious as the UTL_FILE but should be checked.
Native PLSQL compilation allows PLSQL to be compiled via a C compiler to
native code. This is dangerous as access to this functionality would allow
execution of other binary files and to wrap exisitng PLSQL packages with their
own code.
Psservice allows a windows service to be shut down remotely. Therefore
secure the ORACLE account
at the database level above the OS are users as well that should be
monitored. Users such as SYS that are not meant to be logged in most times
can be checked to see if they have a session open
Third party application user management is often required. Sometimes
however it can be managed by the database. Applications store their
passwords in the database anyway so this link has to strong anyway. It is
often possible to bypass application security by logging in directly as the
application user.
strong memorable passwords are essential and the profile features of oracle
can be used to control password lifetime, reuse, lock time and gracetime. Use
of profiles is heavily recommended.
Need to use the Password management features of Oracle to allow constant
checking for compliancy.
users may use the same login and password for convenience or to hide their
identity. This make saccountability impossible.
-
Oracle comes installed with many default accounts which are set with a
default password. 10g release 1 and 2 are improving the security of these
accounts by locking the default ones but they still come with default
passwords. 8i and 9i have many default accounts that are unlocked with
default known passwords and have high privileges assigned such as being
able to read the password hashes from sys.user$. There are also many
default accounts for third party applications that use Oracle. This list of default
accounts includes users and roles.
-
default accounts may not have password management features enabled as
the profile has to be changed and the profile assigned to the user/role. It is
important that accounts be protected from an attacker attempting to brute
force an account.
-
-
The SYS and SYSTEM password are default user accounts as well and are
set with the default passwords such as manage and change_on_install. This
should be included in a default password audit but may be overlooked so it is
worth explicity checking these accounts due to their sensitivity.
-
-
This parameter is set to NONE prior to 8.1.7 and EXCLUSIVE after that. It
should be checked that the value has not been changed.
It is possible for accounts such as ordsys to have tablespaces using SYSTEM
which if allocated without a quota could be filled up by the account and DoS
the machine.
-
- this
Oracle passwords are by default limited to 30 characters that can be used
and the variety of each character is limited to alphanumerics a few special
characters all upper case.
Given this fact they are susceptible to being cracked.
An example of this problem is shown in this paper by Josh Wright
http://www.sans.org/info/911/
- this
-
-
-
With leaving staff and contract workers it is possible that there are accounts
in the db that are not being used termed "dormant".
There should be a process that can identify accounts that are not being used
anymore so that they can be removed.
users such as SYS, INTERNAL and users granted SYSDBA/SYSOPER
have their password recorded in $ORACLE_HOME/dbs/orapw<SID>
-
Separate applications often have their own authentication system which may
provide a weak point of entry. It is worth querying the database tables for
these passwords.
UTL_FILE_DIR is the location on the OS that UTL_FILE package points to
from Oracle database. This should not be set to "*", the location of the trace
directories, "/tmp", "/" or other locations where important scripts lie. The
reason being that UTL_FILE could be used to open a script and then saved
as empty which would render the script useless.
This package can copy, alter and delete files and so needs to be controlled
tightly.
Java can be used to access the OS from Oracle so Java permissions should
be checked and if not needed should be revoked completely.
-
Oracle Context allows a database user to access external files.
The functionality is owned by CTXSYS which unfortunately also has PUBLIC
execute on many of the packages and tables.
-
ALL_USERS is a view like DBA_USERS but intended for anyone to use
which is why PUBLIC is granted select on it. This view does show the
usernames and this information is part of the way in which the password
algorithm works as the username is the salt used to encrypt the password.
See the end of SECOPs book.
-
ExtProc enables external access to C libraries on the OS from the database
and from the Listener remotely if enabled which it is by default. This is
inherently insecure and additionally NGS has found buffer overflows in the
fixes that were made to subsequently secure Extproc.
http://www.ngssoftware.com/advisories/ora-extproc.txt
http://www.oracle.com/technology/deploy/security/pdf/plsextproc_alert.pdf
http://www.oracle.com/technology/deploy/security/pdf/2003alert57.pdf
Please see the Shellcoders handbook page 406-10 for more detail of the
buffer overflow.
Also see Database Hackers Handbook page 89
Also see security the Listener further on in this guide.
-
Only DBA should have access to the catalog roles
SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
'DELETE_CATALOG_ROLE
Views pre-fixed by the lettes DBA are for the use of the DBA and should not
be viewable by non DBA users. Unauthorised access should be revoked.
-
-
-
-
Preferably, in order to allow complete Point In Time recovery the database
should be in ARCHIVELOG mode which means that the redo logs are kept so
that the database can be reinstated to a previous state.
It is also preferable that the ARCHIVELOGs are kept remotely so that if the
local machine becomes unusable the logs are not affected.
-
-
-
-
-
In order to limit the Role inheritance heirarchy set max_enabled_roles to 25 or
so
If os_authent_prefix is set to (null string) then a user can either logon
externally or internally not both. External is insecure and should be seperated
in this manner.
-
-
If true then can log in without oracle authentication. This can be hacked easily
from a non windows machine as it relies on the way that the username is
formed.
Can be spoofed remotely so need to disable
The init.ora file is a flat file which may not actually be loaded into the memory
the database so it is worth checking the two. There is also the trick of adding
parameters at a the very bottom of an extended init.ora file which may not
show when a text editor is used.
IFILE parameter allows additional parameters to be contained in a separate
init.ora pointed to by the first. Avoid use of this functionality where possible
and check to see if it is being used or not. If so check the second parameter
file to see what parameters are being set.
If the system is not using a remote listener then check to see if the
remote_listener parameter is null.
-
exempt access policy privilege can be used to circumvent fine-grained
security. Check for unauthorised granting of this privilege.
SERIALIZABLE set to FALSE and ROW LOCKING set to ALWAYS
User must have SELECT to DELETE and UPDATE.
Check for non sys owned objects in the system tablespace that are not
default Oracle objects.
this is most powerful role and should not be widely used so check for users
and roles that have it.
A user could be granted ALL PRIVILEGES which is the opposite of least
privilege and should be avoided.
ANY privileges are to be avoided as it is not accurate to need.
WITH ADMIN or "WITH GRANT" privileges allow the grantee to pass on the
privilege to any other user. This should be avoided and monitored.
-
system privileges tend to be more powerful and so should audited in case
unauthorised users have them.
-
It is generally preferable to assign privileges to ROLES and ROLES to users
rather than privileges to users. This is debatable though given the
disadvantages of roles already highlighted so this item is not critical.
CREATE LIBRARY privilege can be used to access the OS and escalate
privilege and so this privilege should be revoked if not completely needed.
-
-
-
-
-
BECOME USER privilege allows one user to act as another and should be
closely monitored.
CREATE ANY DIRECTORY privilege allows a user to make a bridge between
the DB and OS which is a potential security weakpoint and so this privilege
should be monitored. There is no CREATE DIRECTORY so it is just
CREATE ANY DIRECTORY.
CREATE ANY JOB privilege allows the grantee to run PLSQL jobs as
another user and should be closely controlled.
External users have already been addressed in the OS section but an extra
check is to see which users have the password of 'EXTERNAL'.
EXTERNAL users should have absolutely minimal privileges as it is possible
to spoof their logins. No SYSDBA or SYSOPER users should be allowed to
have EXTERNAL passwords.
-
-
-
-
-
UTL_FILE is used to bridge between the oracle database and the supporting
OS and can be used to exploit the OS especially on Windows which has had
problems limiting UTL_FILE to the $ORACLE_HOME.
utl_tcp can be used to connect from an Oracle database over the network to
another database and is a common way for a hacker to move from machine
to machine. PUBLIC does not require these privileges.
SYS owned packages can be ran as SYS by any user with execute privileges
unless INVOKER rights are specified which is not the default. PUBLIC as a
role is a blunt instrument as it is too wide in most cases. Iit is difficult to
maintain least privilege when the PUBLIC role is assigned privileges. This is
especially the case when the privileges are to SYS owned objects which have
the ability to run as SYS much like SUID in UNIX binaries.
It is advised when developing internal packages that auth_id current_users is
used instead of definers rights to make the risk of the package being used
less critical.
-
DBMS_LOB can used to access files on the OS due to a bug in the way it
handles relative paths. EXECUTE should be revoked from PUBLIC anyway
but this is even better reason.
These packages should not have PUBLIC EXECUTE privileges as they can
be used to trick DBA into executing commands as invoker. This was more of
a threat when security models pre 8i worked on definer rights only.
-
-
DIRECTORIES from an Oracle point of view are links to the OS and should
be monitored as part of an audit. Directories tend to be left behind after they
are used and no longer needed which is a medium security risk.
This package can be used to used to escalate privilege and so should not
have privileges granted on it. By default it should have no privileges.
dbms_job can be used to run scheduled jobs at a certain time which is useful
for an attacker so that there scripts run unattended.
Revoke execute privilege
the dbms_scheduler has had a number of attacks directed at it and should
preferably not be used at all. For certain the default execute privileges that
PUBLIC posesses on the package should be revoked.
The OWA_UTIL PL/SQL application exposes a number of stored procedures,
which may be
accessible anonymously via the web.
It is better to organise privileges via ROLES than USERs directly as ROLES
can be GRANTED and REVOKED en bulk
-
-
-
RESOURCE has more privileges than are required for instance UNLIMITED
TABLESPACE which can cause a DoS.
CONNECT has more privileges than required to connect to the database.
Revoke the connect role and replace with a stripped down version that has
CREATE SESSION
Select * from dba_sys_privs where grantee='CONNECT';
GRANTEE PRIVILEGE
------------------------------ ----------------------
CONNECT CREATE VIEW
CONNECT CREATE TABLE
CONNECT ALTER SESSION
CONNECT CREATE CLUSTER
CONNECT CREATE SESSION
CONNECT CREATE SYNONYM
CONNECT CREATE SEQUENCE
CONNECT CREATE DATABASE LINK
In high security environments powerul roles such as DBA should be
passworded. Please note that a passworded role granted to another role does
not need a password anymore from the other role. Also password
management features do not apply to roles so roles have weaknesses too.
PUBLIC role has privileges that can be accessed by any valid database
account. As such all ROLEs and privileges not required should be revoked.
-
-
-
-
As well as pass management Profiles allow for session management which
can help defend a session from attack.
These profile parameters should be set up and different values set in different
profiles for each security level of user.
-
Set _trace_files_public parameter when set to true can allow any user to read
the trace files so explicitly set this to false.
Parameter value changes can be missed and have a large affect there fore
they should be checked especially as some parameters are hidden.
-
An applications tablespace should not have objects owned by another user
within it because if the object grows in size it may cause an denial of service
on the application . Autoextensible tablespaces can also grow and deman too
much disk space so this should be monitored.
In order to stop a user from taking up too much tablespace and possibly
causing a DoD accidentally or maliciously a quota should be imposed that will
limit the size of that users tablespace.
-
-
It is possible to steal data from another schema using a trigger. Triggers
should be audited in order to find triggers in a schema owned by someone
else.
user$, link$ and dba_users view allow access to the password hashes which
in combination with the username makes decrypting the hash feasible.
-
-
object creation should be limited to the schema of the owner and to
privileged accounts such as DBA. Object creation privileges such as create
table should be revoked for non-DBA and non-schema owners.
due to privilege inheritance with ROLES it is easy for a user to be able to see
objects they should not. The best way to test this thoroughly is to login as that
user and see what can be seen.
VIEWs can by design be used to update the underlying table if update is
granted on the VIEW. This should be monitored. On top of this is the fact that
there has been a bug in Oracle where
This measure when combined with a less obviously named new DBA account
will help to secure the database from unauthorised privileged access.
SELECT ANY TABLE privilege should be revoked but if a user does have it
then the setting of 07_DICTIONARY_ACCESSIBILITY =FALSE would mean
that they could not SELECT from the data dictionary which holds important
metadata about the database including passwords.
This can be used prevent DBA's reading critical data as well.
-
-
Ports 2100 and 8080 were added to 9iR2 as part of the XDB server and
represent an additional attack surface which if not needed should be
removed.
PUBLIC has privileges on STATS$% tables and should be revoked and
GRANTED back individually.
basic Oracle Auditing can either be to the OS or to the DB which is easier but
the OS is more secure as the OS is harder for a DB user to delete and will
less likely affect the running of the DB if the Audit logs get very large.
SYS.AUD$ is the database table that takes the auditing logs which since it is
on a SYSTEM tablespace and allowed to grow could DoS the whole
database. Moving AUD$ away from SYSTEM tablespace is not supported by
Oracle but can be done.
The other major issue with auditing is the problem with performance as the
more that is audited the more resources are taken away from the running of
the server. It has often been the case that all auditing is switched off in order
to aid performance. This is not recommended. Auditing of most important
actions should be made as a minimum. These are all actions by SYS and
actions on critical system tables such as SYS.USER$ by everyone.
Please see Oracle Privacy Auditing by Arup Nanda for more detail on
Auditing on Oracle.
The failure of any user to update a critical table is classic auditing priority and
can be done easilly. The more users who are likely to be affected by this then
the less it should be done due to performance hit.
-
Auditing create session would be used to catch the time that users logon and
off. It would generate a lot of audit. The same principle follows for these audit
actions:
Audit grant,drop, alter,create user, create role,
-
-
-
-
-
-
The audit logs are easily readable via a view called dba_audit_trail.
As someone is going to need to read and react to this audit this is another
reason for selectively auditing the most important events in the DB. Aslong as
redo logs are being archived off the databases state can always be inspected
using Logminer
http://www.giac.org/certified_professionals/practicals/gcfa/0159.php or
reinstated.
-
-
Auditing is a sensitive subject especially when auditing privileged users.
The auditing role should be limited to a small group and separate from the
main DBA function so that they are independent.
If have to audit to sys.aud$ then can use auditing to protect the audit.
Make sure the audit is backed up and purged so that the disk does not fill to
cause DoS or lose audit logs.
-
-
-
-
-
can use triggers to provide row level auditing even though fine grained
auditing is not present in 8i.
FGA came in with 9i and allows auditing of what a user selected at the row
level. This is implemented using dbms_fga.add_policy.
Linked to FGA is Virtual Private Databases which allows segregation of data
between users so that they are as if they were in seperate databases. VPD
configuration is done using DBSM_RLS.
Oracle Label Security use user labels to grant access at the row level.
-
-
The other logs apart from Basic Oracle Auditing are:
Event Viewer,Syslog, Listener.log, access_log, error_log, sqlnet.log. These
can be used to correlate information after an incident.
The Oracle Listener is controlled by the LSNRCTL utility which previous to
10g allowed remote administration of the listener without authentication by
default. This meant that anyone could shutdown the listener remotely. The
Listener can be passworded which keeps remote administration but the
password can be inputted as a hash that has been sniffed instead. This is
assuming that the Listener password has been encrypted.
The secure way to configure the listener is with Admin Restrictions ON which
means that the Listener configuration changes have to be done locally by
editing the Listener.ora file at the OS.
-
-
If Oracle is networking through a firewall then set it so that it can shared
sockets.
Oracle networks on 1521 by default at the server but as the connection is
made MTS allocates a new server port for that connection. This will be
blocked by most firewalls so one solution is to force MTS to allocate a known
port after the initial exchange.
An alternative to this is to use a Proxy firewall such as Checkpoint NG1 which
keeps state of current connections and can therefore handle a change of port
number.
The Listener should not be connected to over the Internet.
These default ports are well known and it is easy to change the port.
Change the default SID name from ORCL and the default Listener name of
Listener.
IP addresses are safer and place less load on the DNS system but larger
networks require hostnames so that traffic can travel between subnets and so
that an IP related DoS can be averted.
-
If the listener.ora is the main point of Listener configuration then it should be
secured appropriately using OS permissions.
Brute force attempts are not stopped by the Listener but it can log them if
logging is enabled.
valid node checking can be set so that only authorised source IP addresses
can connect to the listener.
Connection manager can restrict connections based on origin, destination
and SID and it can accept wildcards unlike valid node checking.
-
-
-
-
-
The networking files on the server should be audited to make sure that the
permissions are adequate, the contents are correct and no nefarious copies
of these files can be viewed by an unprivileged user.
Please note that fat thumbed passwords may appear in the sqlnet.log from
failed SQL*PLUS connections.
Database links are useful to make connections from one database to another.
These links may contain clear text passwords and allow access to unsecured
development databases. Links can be PUBLIC,PRIVATE or GLOBAL.
PUBLIC can be used by any user and if this link is made using a fixed user
the authentication details will be in the link. Database links between
Production and Development should be avoided and all links should be
audited so that least privilege is extended through the link to the target
database.
-
-
-
-
-
-
-
-
-
-
Should run a regular port scan on the oracle server to see if additional
services have been added or if Oracle ports not required are running.
There are many default Oracle ports:
1521, 1526 default listener which should be changed. Please check the
appendices for a list of Oracle default port numbers.
The intelligent agent which functions like an Oracle version of SNMP called
DBSNMP which uses the DBSNMP account with default password DBSNMP.
It is possible to improve the security of this greatly above the default but it
should not be used on an untrusted network.
-
SQL*PLUS encrypts passwords (which can be broken if attacker has the
hash) but it does not encyrpt the data.
If the client connections are made via web browser then SSL should be used
which is part of OAS but can be implemented seperately from OAS.
-
Availability is one of the most important components of a security plan.
Having good backup and recovery procedures is part of maintaining
availability and therefore is part of a security plan. This is especially the case
when backups can be restored by an attacker. Why attack the server when
you can easily gain the backups for the server. Once copied then they may be
altered and if a recovery can be forced the attackers malware could get onto
the server. Backups are a current research topic for researchers
Backup procedures should not only be secured and practised this should also
be documented
In case of fire, bomb or flooding it is wise to have off site backup which must
be secured.
-
-
-
-
The Oracle database cannot work normally without the redo logs and so
these should be mirrored.
remote archive logging is preferable
-
-
-
-
-
-
Data can be recovered from hard drives using forensics techniques both at
the OS layer and DB layer.
-
-
Wrapping encodes the source code of a package in the database.
This process is recommended especially if the source has proprietary code
within it. A good reason for wrapping for example would be to hide the
mathematical calculation that is used to gain a result which is passed back.
Checksumming all the objects in the database can be done using the
packages within Oracle there is no need to do this externally unless there is a
fear that the database has already been attacked.
Oracle 9i wrapped PLSQL has the ability to read strings by in the file. This
can be a way to find usernames and passwords which should be checked for.
a common flaw with PLSQL packages both from Oracle and custom made is
the susceptibility to SQL injection. See
http://www.ngssoftware.com/papers/advanced_sql_injection.pdf
In essence the problem is code that forms dynamic SQL allowing SQL key
symbols as input which instead of being parsed as string is parsed as SQL.
-
Java source code can be read from sys.obj$ table and can also be read using
DBMS_LOB.
ODBC will carry the privileges of the user over to Oracle and so these
accounts should be checked too. Excel and Access can connect to Oracle via
ODBC and will pick up all the PUBLIC privileges.
-
Tools such as Toad, PLSQL Developer, SQL Developer and DBA studio can
be used to remotely access an Oracle database just like SQL*PLUS. These
tools can allow an overview of database structure that is not needed for the
developer.
-
-
-
-
Application developers often work on a production system before it is actually
put into production so it is important to secure what they have left behind
-
separate the two and try to mirror closely the environment so that developers
do not need access to the production server to test applications.
-
-
-
-
-
-
-
-
As described previously objects not owned the tablespaces schema owner
can pose a risk if they grow and cause a DoS especially if the objects are
owned by privileged users.
-
Resources can become overused especially with installation of third party
applications therefore it is wise to check these resources after installation and
running.
Care should be taken when implementing and designing application
authentication that it cannot be side stepped within Oracle.
-
Using a schema owner to access the databaes means that all objects within
that schema become available as well as any higher privileges granted.
-
-
-
Avoid hardcoded usernames and passwords where possible certainly
plaintext.
-
Since applications can be hacked through SQL injection, fuzzing and buffer
overflows it is a good idea to give minimal privileges to the application. This
would include not giving DDL privileges on the schema which would allow
injected SQL to drop tables etc.
Batch processes should access the database through one specific account
-
-
By enabling batch accounts at the time they run and disabling other accounts
at that time activity can be monitored more easily.
The PUP can be used to control users access via SQL*PLUS
-
Sarbannes Oxley recommends the use of data encryption within the database
which hinders an attacker and also stops DBA's from reading very sensitive
data. This is recommended.
-
-
-
-
Audit saved passwords in the tools which may be encrypted weakly. Should
be deleted. Also the accounts used via developer tools should have least
privilege applied to them. It is good practise to checksum the developer tool
binaries and compare these with known good hashes to make sure they have
not been trojaned.
-
-
-
-
-
-
-
-
iSQL*Plus requires a working http server on the same machine as the
database which is a security weakness. Disable iSQL*Plus on production
servers.
thre are a number of debuggers included with oracle such as dbms_debug,
oradebug and via dbms_java. It would be preferable to remove these but not
always possible so remove all privileges to them.
They can be granted back when needed.
Data through employment adverts, RDA output to Support, Application server
error pages etc should all be minimised as this is valuable reconaisance for a
hacker. Especially using historcal records such as www.archive.org or
googles cache.
Depending on both the components installed and the version of the database
the latest CPU should be installed on test machines and then on the
production machines unless it breaks current applications. The last two CPUs
on 10 have applied more smoothly now that they are Java based.
Please note that many vulnerabilities do not get patched for a long time so a
member of the team should be tasked with monitoring websites that may have
new Oracle security information of which there are many such as bugtraq and
packetstorm.
http://www.securityfocus.com/archive/1
For example http://www.securityfocus.com/archive/1/432078
http://ww.packetstormsecurity.nl/
As well as the Oracle Security website.
http://www.oracle.com/technology/deploy/security/alerts.htm
Plus specialist Database security websites such as
www.databasesecurity.com
It is not just Oracle vulnerabilities but also the supporting OS.
version 3.1.1
Description of how to do it
ls -alR > recursivels.txt
$ORACLE_HOME/bin set to 0755
and all other $ORACLE_HOME to 0750
cat /etc/passwd
passwd -l <username>
use a different OS account name for Oracle software owner
sudo to oracle
In UI select custom install and use different account for listener
either drop DBSNMP
DROP USER DBSNMP CASCADE; or run
$ORACLE_HOME/rdbms/admincatnsnmp.sql/
change username/password is minimum.
For high security should remove the DBSNMP binary from the
$ORACLE_HOME/bin as this is SUID.
Also change the DBSNMP password in snmp_rw.ora file
bash-2.05$ umask 022
-
set file type to NTFS
ORACLE user account created to own the Oracle software should not be
called "oracle"
The user should be a local admin and not a domain user.
This user should be made part of a group not called ORA_DBA.
Remove everyone using inherited permissions.
mkdir /u01/temp
TEMP=/u01/temp; export TEMP
TMPDIR=/u01/temp; export TMPDIR
-
cat /etc/group
adduser <username> <groupname>
Adds username to the group groupname
-
groupadd <groupname>
controlpanel>admintools>compmanagement>groups
-
delete tkprof binary from $ORACLE_HOME/bin
CD to the $ORACLE_HOME/otrace/admin directory of your
instance and remove or delete the dat files related to otrace.
process.dat
collect.dat
regid.dat
Once these are removed/deleted you should restart your
instances and listener and otrace will be disabled.
The database file location is usually in the parent directory of the control
files which can be found by
select name,value from v$parameter where name='control_files';
These permissions should be 600 if ORACLE is to run the db.
This process necessetates the archiving of log files and when space is an
issue deleting logs of a certain age so that there is rotation. It is worth
correlating with SYSOG and IDS logs using timestamp as the central
unifier of these logs. Therefore strong synchronisation of timestamp is
required. This should be done using GPS or CDMA to give an accurrate
internal stratum 0 source not via untrusted NTP from external source.
-
-
A perl script could be used to parse the RDA files before sending to Oracle
Support. This is a current research project at GIAC and more information
will be available from this URL in the near future.
http://www.giac.org/certified_professionals/listing/gsoc.php
The local copy of the RDA files should be deleted after they have been
sent.
ls -al device/disk/volume
hide.c available from oracle metalink support allows the
username/password to be hid from the ps -ef command.
Metalink notes 136480.1 and 1009091.6
Should restrict use of the PS command using OS permissions.
-
restrict shell history by reducing the HISTSIZE environment variable to as
low an amount as is appropriate for your environment for each user.
Putty is a free and popular client that can be used for client connections.
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Need to edit the tnsnames.ora file and port forward using putty
# TNSNAMES.ORA,Network Configuration File:
C:\oracle\ora90\network\admin\tnsnames.ora
PLSQL =
(DESCRIPTION =
(ADDRESS-LIST =
(ADDRESS = (PROTOCOL = TCP) (HOST = localhost) (PORT = 7774)))
(CONNECT-DATA =
(SERVER = DEDICATED)
(SERVICE-NAME = plsql)
)
)
then:
ssh -L 7774:venus:1521 venus
edit the text file init.ora to include the statement
ORA_ENCRYPT_LOGIN=TRUE;
DBLINK_ENCRYPT_LOGIN =TRUE
-
-
REVOKE privilege from USER
chmod -s binaryname
it is possible to read a users environment remotely so these should be
audited and any that are not absolutely essential removed. Use the $env
command or system>advaneed>environment variables.
#!/bin/bash/
find $ORACLE_HOME -name "*" -print | while read filename
do
echo "filename "$filename >>user.lis
egrep -I 'connect|sqlplus' $filename >> user.lis2>/dev/null
-
-
audit the $ORACLE_HOME for this scripts and remove them and also
remove the database configuration assistant or dbca which is in
$ORACLE_HOME/bin.
Tripwire can be used to monitor the state of the oracle files. Oracle basic
auditing can be set to log to the OS instead of sys.aud$. This is
recommended as the DBA cannot directly alter this auditing log.
save Oracle logs to syslog in a central remote loghost server.
Syslogng is also worth looking at for this purpose.
-
-
lsof will list the processes on UNIX and can be compared to known list of
good processes.
to find OS Location select name from v$controlfile; .ctl files read/write by
ORACLE only
/bin/bash/ find $ORACLE_HOME -name "*.trc" -print | while read filename;
do echo "FILENAME IS "$filename >> trc.lis; egrep -i 'Image' $filename >>
trc.lis 2> /dev/null; done
audit the presence of trace files:
select name, value from v$parameter where name like '%dump_dest%';
Then ls -al that directory to see who can read them.
Also check for trace files outside of the usual destination using
find $ORACLE_HOME -name "*.trc" -exec ls -al {} \; - print
-
select grantee, privilege from dba_sys_privs where privilege in ('ALTER
SYSTEM', 'ALTER SESSSION');
DBA ROLEs should be ignored as they need these privileges.
find $ORACLE_HOME -name "*" -print | while read filename do egrep -I
'EXPORT' $filename >>exp.lis 2> /dev/null done
-
select log_mode from v$database; select
name, value from v$parameter where name like '%arch%';
-
example:
SQL> select table_name, default_directory_name from
dba_external_tables;
TABLE_NAME DEFAULT_DIRECTORY_NAME
------------------------------ ------------------------------
SALES_TRANSACTIONS_EXT DATA_FILE_DIR
SQL> select * from all_directories where directory_name =
'DATA_FILE_DIR';
OWNER DIRECTORY_NAME
------------------------------ ------------------------------
DIRECTORY_PATH
--------------------------------------------------------------------------------
SYS DATA_FILE_DIR
/u01/app/oracle/product/9.2.0/demo/schema/sales_history/
ls -al /u01/app/oracle/product/9.2.0/demo/schema/sales_history/
SQL> select grantee,privilege from dba_tab_privs where
table_name='DATA_FILE_DIR';
GRANTEE PRIVILEGE
------------------------------ ----------------------------------------
SH READ

v$parameters should be set to false or null.
plsql_native_c_compiler
plsql_native_library_dir
plsql_native_library_subdir_count
plsql_native_linker
plsql_native_make_file_name
psservice tool from sysinternals
http://www.sysinternals.com/utilities/psservice.html
SELECT * FROM v$session;
oracle label security can be used to as a solution to this problem.
Run a password cracker on the checksums for the passwords from
sys.user$ to see if they are strong. NGS SQuirreL for Oracle has one of
the fastest.
It is also common for some users to set the password to be the same as
the user which is covered by SQuirreL
alter profile default limit sessions_per_user 1;
-
These default accounts need to be audited for which can be done using
products such as NGS SQuirreL for oracle which has over a 1000 entries.
There is a list of common default usernames in the appendices of this
report. Default accounts that are not required should be dropped. Defaults
accounts that may be required should be locked and password changed.
ALTER USER ACCOUNT UNLOCK;
WKSYS and DBSNMP are two of the most commonly used default
accounts as they have strong privileges and are often overlooked.
-
ALTER USER defaultaccount PROFILE myprofile;
The default profile is often used and should have password management
features enabled using:
ALTER PROFILE DEFAULT
LIMIT FAILED_LOGIN_ATTEMPTS 5
PASSWORD_LIFE_TIME 40
PASSWORD_REUSE_MAX 10
PASSWORD_REUSE__TIME UNLIMITED
PASSWORD_LOCK_TIME 1
PASSWORD_GRACE_TIME 3;
-
-
Additional to running a password cracker or default password check it is
recommended to explicity change the password to a new secure password
so that it is known 100% that the password is secure using the advice in
item named "Audit users accounts for weak passwords"
-
-
SELECT value FROM v$parameter where
NAME='remote_login_passwordfile'; should return NONE or EXCLUSIVE.
If not change the init_SID.ora
select username, default_tablespace, temporary_tablespace from
dba_users; this will provide a list of tablespaces with SYSTEM. Change
these with the following SQL.
ALTER USER ORDSYS DEFAULT TABLESPACE tools TEMPORARY
TABLESPACE temp;
-
- this
In order to set a secure password in
oracle it is recommended to use a quoted password which allows for ctrl
UNICODE
characters to be used in each of the 30 places.
ALTER USER PAUL IDENTIFIED BY
"passwordincludingnumbersandctrlchars";"
This makes the password very difficult indeed to crack."
As well as making the pasword secure it is possible to set up alias' for the
accounts so that users actual username is never known.
- this
-
-
-
This is a hypothetical example given that hr_table contained a column of
valid_users:
(select name from sys.user$)minus
(select valid_users from hr_table);
The result would be invalid users.
check the permissions on this file and change to -rw-r----- if necessary.
-
select object_name object, object_type type, owner owner
from dba_objects
where owner<>'SYS'
and ((object_name like '%USER%'
and object_name not like 'USER_%') or object_name like '%USR%'
or object_name like '%PASSWD%'
or object_name like '%PWD%'
or object_name like '%PASS%')
and object_type in('VIEW','TABLE')
union
select table_name object,
column_name type,
owner owner
from dba_tab_columns
where owner<>'SYS'
and (column_name like '%USER%'
or column_name like '%USR%'
or column_name like '%PASSWD%'
or column_name like '%PWD%'
or column_name like '%PASS%')
/
select name, value from v$parameter where name = 'ult_file_dir';
Also revoke access to UTL_FILE and only grant to those db accounts that
require the OS access.
select privilege, grantee from dba_tab_privs where
table_name='DBMS_BACKUP_RESTORE';
revoke access as needed.
select Count(1)
from dba_objects
where object_type Like '%JAVA%';
--if this returns more than 3000 java is installed.
This query will show the privs given wiithin Java select
grantee,type_name,name,kind,action
from dba_java_policy
where grantee not like 'JAVA%'
and grantee<>'SYS'
/
Then revoke privs not need using dbms_java.revoke_permission
remove Java completely if not needed using
$ORACLE_HOME/javavm/install/rmjvm.sql
-
if context is not being used then drop CTXSYS user DROP USER
CTXSYS CASCADE;
If it is being used then can just lock CTXSYS
ALTER USER CTXSYS ACCOUNT LOCK;
Revoke all access to CTXSYS packages from PUBLIC.
-
revoke select on all_users from public;
Will also need to test that the low privileged accounts that should not see
the usernames cannot actually see them by logging in as them and testing.
This is because the privilege hierarchy may inherit the ability to select from
a different route.
-
To remove Extproc:
-Remove the entries from the listener.ora file
-Remove entries from any tnsnames.ora
-Delete the extproc binary
-Revoke create / alter (any) library privileges
-Revoke create / alter procedure privileges
To secure Extproc:
-Create a separate user for the extproc listener
-Remove extproc entries from listener.ora and tnsnames.ora
- Create a new seperate listener for extproc
-use valid node checking on the new extproc listener and restrict to IPC
protocol only.
-
select grantee,granted_role
from dba_role_privs
where granted_role in
('SELECT_CATALOG_ROLE','EXECUTE_CATALOG_ROLE','DELETE_C
ATALOG_ROLE');
revoke as needed.
select grantee,privilege,table_name
from dba_tab_privs
where table_name in ('DBA_ROLES','DBA_SYS_PRIVS',
'DBA_ROLE_PRIVS','ROLE_ROLE_PRIVS');
-
-
-
-
This query is for general parameter values.
SELECT * FROM v$parameter ORDER BY name;
This query is specifically for archivelog mode and whether it is switched on.
select log_mode from v$database;
-
-
-
-
-
SELECT * FROM v$parameter where name ='max_enabled_roles';
set in init.ora
SELECT * FROM v$parameter where name ='os_authent_prefix';
set in init.ora
-
-
SELECT value FROM v$parameter where name ='remote_os_authent';
set in init.ora
SELECT value FROM v$parameter where name ='remote_os_roles';
set in init.ora
SELECT * FROM v$parameter ORDER BY name;
and compare with the init<SID>.ora file
search the init.ora for an IFILE parameter and follow that up by inspecting
any addional parameter file.
SELECT value FROM v$parameter where name ='remote_listener';
set in init.ora
-
select grantee,privilege
from dba_sys_privs
where privilege = 'EXEMPT ACCESS POLICY';
SELECT * FROM v$parameter where name ='serializable'; Not In 10g r2
set in init.ora
SELECT * FROM v$parameter where name ='sql92_security';
set in init.ora
select owner,segment_name,segment_type
from dba_segments
where tablespace_name='SYSTEM'
and owner<>'SYS';
select grantee from dba_role_privs where granted_role='DBA';
Revoke from accounts that do not need it
revoke dba from accountname;
Check for all privs:
(select count(*) from system_privilege_map)intersect
(select count(*) from dba_sys_privs group by grantee);
Check for number of privs in case too many.
select count(*) from system_privilege_map;
select count(*),grantee
from dba_sys_privs
group by grantee;
from dba_sys_privs
where privilege like '%ANY%';
revoke where possible
select grantee,
granted_role
from dba_role_privs
where admin_option='YES'
union
select grantee,
privilege
from dba_sys_privs
where admin_option='YES';
Do the same query 'WITH GRANT';
-
from dba_sys_privs
where grantee not in ('SYSTEM','SYS','PUBLIC')
and not exists (select 'A' from dba_roles where role=grantee)
-
These users have direct privileges.
select distinct grantee, table_name, privilege from dba_tab_privs where
grantee in((select grantee from dba_tab_privs)minus
(select role from dba_roles));
from dba_sys_privs
where privilege='CREATE LIBRARY'
-
-
-
-
-
from dba_sys_privs
where privilege = 'BECOME USER';
select * from dba_sys_privs where privilege='CREATE ANY
DIRECTORY';
select * from dba_sys_privs where privilege='CREATE ANY JOB';
select username
from dba_users
where password='EXTERNAL';
select username
from dba_role_privs, dba_users
where username=grantee
and granted_role='DBA'
and password='EXTERNAL';
-
-
-
-
-
REVOKE ALL ON UTL_FILE FROM PUBLIC
REVOKE EXECUTE ON UTL_TCP FROM PUBLIC
REVOKE EXECUTE ON UTL_HTTP FROM PUBLIC
REVOKE EXECUTE ON UTL_SMTP FROM PUBLIC
This SQL will identify packages that are both owned by SYS and have
EXECUTE granted to PUBLIC
(select object_name from dba_objects where owner ='SYS' and
object_type='PACKAGE')intersect
(select table_name from dba_tab_privs where grantee='PUBLIC' and
privilege='EXECUTE');
-
REVOKE EXECUTE ON dbms_lob FROM PUBLIC;
REVOKE EXECUTE ON dbms_sql FROM PUBLIC;
-
-
SELECT * FROM all_directories; and
SELECT * FROM dba_directories;
Un needed ones can dropped
DROP DIRECTORY directory_name
select grantee, privilege from dba_tab_privs where table_name
='INITJVMAUX';
REVOKE EXECUTE ON DBMS_JOB FROM PUBLIC;
revoke execute on dbms_scheduler from public;
revoke execute on owa_util from public;
-
-
-
to identify those with CONNECT you can use this query.
select grantee from dba_role_privs where granted_role='CONNECT';
CREATE ROLE dba_role IDENTIFIED BY "S0^Sorry"; or
alter role dba identified by "S0^Sorry";
See which roles are passworded.
select *
from dba_roles
where password_required='NO';
This query will identify all ROLES and privs granted to PUBLIC.
select 'SYSTEM','SYSTEM',privilege
from dba_sys_privs
where grantee='PUBLIC'
union
select 'OBJECT',table_name,privilege
from dba_tab_privs
union
select 'COLUMN',table_name,privilege
from dba_col_privs
union
select 'ROLE','ROLE',granted_role
from dba_role_privs
where grantee='PUBLIC';
-
-
-
-
Parameters that can be set and will increase security are:
CPU_PER_SESSION
PRIVATE_SGA
SESSIONS_PER_USER
CONNECT_TIME
IDLE_TIME
-
set this paramete in the init<SID>.ora file
This SQL will list all parameters:
select pin.ksppinm called,
pcv.ksppstvl itsvalue
from sys.x$ksppi pin,
sys.x$ksppcv pcv
where pin.inst_id=userenv('Instance')
and pcv.inst_id=userenv('Instance')
and pin.indx=pcv.indx
and translate(pin.ksppinm,'_','^') like '^%';
Alternatively an OS level checksum of the init<SID>.ora file would also
verify more easily the state of the parameter file. Try to explicitly declare
hidden parameters so that they are known. For example
_system_trib_enabled set to FALSE will switch off all SYSTEM triggers
which may be used for auditing actions on objects. This should be
explicitly set and monitored.
-
This query will find the autoextensible tablespaces
select tablespace_name from dba_data_files where autoextensible='YES';
Check the users from this query and assign a quote where appropriate.
(select name from sys.user$)minus
(select username from dba_ts_quotas);
-
-
This query will find triggers not owned by the schema owner.
select owner, trigger_name, table_owner, table_name from dba_triggers
where owner<>table_owner and owner not in ('SYS','SYSTEM');
This query will select the users and roles that can select the hashes.
(select grantee from dba_tab_privs where table_name
in('USER$','DBA_USERS'))
UNION
(select grantee from dba_sys_privs where privilege in('SELECT ANY
DICTIONARY','SELECT ANY TABLE'))
UNION
(select grantee from dba_role_privs where granted_role
in('DBA','OLAP_DBA','OLAP_USER','SELECT_CATALOG_ROLE'))
ORDER BY GRANTEE;
This query includes users who have SELECT ANY TABLE which is a
privilege that should be revoked.
-
-
revoke create any table from user;
This query will return the privileges of a user.select 'SYSTEM', privilege
from dba_sys_privs
where grantee='SCOTT'
union
select table_name,privilege
from dba_tab_privs
union
select table_name,privilege
from dba_col_privs
union
select 'ROLE', granted_role
from dba_role_privs
where grantee='SCOTT';
This SQL will identify VIEWs which allow base table to be edited.
select grantee,table_name,privilege
from dba_tab_privs
where exists (select 'x'
from dba_views
where view_name=table_name)
and privilege<>'SELECT'
union
select grantee,table_name,privilege
from dba_col_privs
where exists (select 'x'
from dba_views
where view_name=table_name)
and privilege<>'SELECT'
/
Also it is possible to bypass Oracle object security on underlying tables
from a view as below(from David).
SQL> connect / as sysdba
Connected.
SQL> create table ttt (n number, text varchar2(20), constraint n_pk primary
key(n));
Table created.
SQL> insert into ttt (n,text) values (1,'abc');
1 row created.
SQL> grant select on ttt to scott;
SQL> connect scott/tiger
Connected.
SQL> create or replace view vvv as select a.n, a.text from sys.ttt a join
sys.ttt b on a.n = b.n;
View created. alter user system account lock; or can also set the password to an
impossible password using an impossible password like this:
SQL> alter user sys identified by values 'no-decrypt';
User altered.
SQL> select password from dba_users where username = 'SYS';
PASSWORD
------------------------------
no-decrypt
07_DICTIONARY_ACCESSIBILITY =FALSE
-
-
remove the line
dispatcher=(PROTOCOL=TCP) (SERVICE=orat92XDB)
select * from dba_tab_privs where grantee ='PUBLIC' and table_name like
'STATS$%';
revoke as necessary
It is recommended to log auditing to the OS.
Select value from v$parameter where name = 'audit_trail';
Set to OS
Please note on Windows OS trails are recorded to the Application Event
Logs.
It is recommended to audit at least all SYS actions.
Select value from v$parameter where name = 'audit_sys_operations';
Set to TRUE (this parameter is new in 9iR2)
Plus to audit certain critical actions like selecting the password hashes.
This is object auditing which would look like this:
AUDIT SELECT ON SYS.USER$ BY ACCESS
Please note that compliance with data standards such as Sarbannes
Oxley, HIPAA and GLB act require the ability to audit to Row Level
sensitive data.
For example:
audit update on sys.salaries whenever not successful;
-
Not difficult to do as just issue this command.
AUDIT SESSION';
-
-
-
-
-
-
select * from dba_audit_trail; This is a large view and there fore best read
through a client like SQLDeveloper from Oracle or SQL Tools which is a
free client. http://www.sqltools.net/
-
-
This query shows users with audit privileges.
from dba_sys_privs
where privilege like '%AUDIT%';
AUDIT ALL ON SYS.AUD$ BY ACCESS
-
-
-
-
-
dba_fga_audit_trail is the main view for seeing this row level audit and
should be used.
fine grained audit may be a requirement for compliancy sake so not
negotiable but should only be needed for sensitive data.
-
-
The location of these logs should be known before and incident occurs and
practise should be made at correlating these logs so that problems that
may occur during an incident are solved beforehand.
Set a password on the Listener and set Admin Restrictions to ON.
To encrypt the listener password change it through lsnrctl:
lsnrctl>change_password
password changed
lsnrctl>save_config
Then restart the listener.
USE SSH TO THE OS TO ADMIN THE LISTENER.
-
-
USE_SHARED_SOCKETS added to init.ora
Set the fixed MTS dispatchers in the init.ora file.
http://www.cs.umbc.edu/help/oracle8/server.815/a67775/ch2x_mts.htm
Change the port using listener.ora file.
Edit the listener.ora file
use IP address in the listener.ora for smalll networks.
-
chmod 600 listener.ora
or using the NTFS file permissions.
Also recommend taking a hash of the file so that it can be seen that is the
same.
set:
LOGGING_LISTENER=ON
set protocol.ora in 8i and sqlnet.ora in 9i/10g:
tcp.validnode_checking=YES
tcp.invited_nodes =(10.1.1.161, etc)
tcp.excluded_nodes=(10.1.1.160, etc)
needs configuring on each client in sqlnet.ora:
USE_CMAN=TRUE
Can also use Oracle names or Oracel Internet Directory preferably OID.
-
-
-
-
-
Use Locate command on Linux, Find on Solaris or explorer search on
Windows to find nefarious copies of listener.ora and sqlnet.ora.
Check the permissions which should be 600 or similar.
Secure the wallet directory for OID.
This will query the link$ table for stored passwords.
select name,password from sys.link$;
Do not set up links as the DBA user as this user can masquerade as any
other and has too many privileges for a link.
Set DBLINK_ENCRYPT_LOGIN to TRUE.
-
-
-
-
-
-
-
-
-
-
Run a port scan using NMAP and vulnerability scan using Nessus or NGS
SQuirreL for Oracle.
The port number profile of that server should be recorded so that changes
can be recognised. Remove needed services/ports.
OEM is very functional but its automation is built upon default account
settings that are insecure and so for high security networks it is not
recommended.
Secure the snmp_ro.ora and snmp_rw.ora file as part of the IA audit.
-
If data sent is sensitive then the connection should be made over SSH. If
the connection is permanent then setting up an IPSEC tunnel would be a
more practicable solution. The best solution is the most expensive being
Oracle Advanced Security.
http://oracleheva1.oracle.com/docs/cd/B19306_01/network.102/b14268/as
ointro.htm
-
It is imperative to secure backup media and to practise using the backup
processes so that a real recovery can be done efficiently in case of crisis.
Remote Archive Logging is a key recommendation for good Oracle backup
and recovery.
Schedule both hot backups which take the data and Cold backups which
will take all data and configuration for a complete rebuild. This will require
some kind of failover secondary server if 24/7 is required.
Rotate and renew backup media incase of worn tapes.
Document both the process of backup and recovery and the testing of
these processes with sign off from security and senior admins so that it
can be proven that this has been done. Need to have a process owner who
is accountable in case of failure.
Test the off site backup procedures.
-
-
-
-
Mirroring simply involves making a copy of the redo log which can be done
by Oracle Multiplexing or OS level mirroring. Put the mirrors on a different
disk from the origina in case of disk failure.
select log_mode from v$database;
Ensure archive logs are written to backup and are purged and protected.
-
-
-
-
-
-
Use secure delete software to wipe the disks or magnetically wipe them.
Then destroy them phsysically and if necessary distribute seperately.
Physical reconstruction is possible though currently expensive.
-
-
use the following command at the OS.
Wrap iname =infile oname=outfile
Wrapping the PLSQL is not a high security measure as it has been reverse
engineered.
Search for unwrapped code using the following.
select owner,name from dba_source where text like'%wrapped%';
select owner,name from dba_source where text not like'%wrapped%';
dbms_utility.get_hash_value can be used to get a hash value of a
package.
run an automated grep like search on PLSQL packages to see the strings
that are in them.
There are a number of cures for this
http://www.ngssoftware.com/papers/DBMS_ASSERT.pdf
Prepared statements are used in Java as well to stop this problem.
The classic way to find these bugs is to insert a single quote into a text
input field. This can be interpreted as a break in attempt so should only be
done on internal applications with permisssion in writing.
-
precompile java and load using the loadjava utility.
lock down the privileges generally as previously described and test
connecting to Oracle via MS Office applications.
Applications that are allowed to access Oracle should be registered using
DBMS_APPLICATION_INFO
-
Assign a specific account for applications like Toad so that it can be locked
down in a way specifically to that application and its activitied monitored
seperately.
-
-
-
-
Old application files should be removed and new ones should have the
correct permissions assigned. Access to the database by development
should be stopped before going to production and no more access granted
unless requested and checked.
Check for evidence of development work by comparing the timestamps on
the view dba_objects. If the last_ddl_time is after development work should
have stopped then there may have been unauthorised access.
-
developer privileges present in the development database should be
tested to make sure they are not in production.
Also check for db links between the two as described previously
Also make sure that test data in development is not real data but does
closely model it.
-
-
-
-
-
-
-
-
select owner,segment_name,segment_type
from dba_segments
where tablespace_name='appowner';
-
use the v_$resource_limit view to compare resource usage before and
after. Compare this to the maximum resources available on that server and
increase if necessary using ALTER SYSTEM.
It is often a good idea where possible to use Oracles authentication system
and secure it at the Oracle end. This also means that auditing and logging
can be individual to the account being used rather than having all
application users using the same Oracle account which the application
manages.
-
Use a dedicated role that is assigned the required privileges and if possible
lock the schema owners account.
-
-
-
encrypt usernames and passwords in the database and then log back in as
that user so user is trackable.
-
REVOKE DDL privileges that the Application account has been granted.
-
-
product_user_profile view can be used to control users access. This is not
available for ODBC
-
DBMS_OBFUSCATION_TOOLKIT is the main package internal to Oracle
though there is also the new database vault functionality.
-
-
-
-
-
-
-
-
-
-
-
-
stop the http server
edit the oracle_apache.conf and comment out the line which includes
isqlplus.conf by using a #
revoke execute on dbms_debug from devaccount;
It is worth having an external blackbox pentest to see how much
information can gained.
Use metalink to source the patch
Use Opatch to apply the patch and then check the state of the applied
package that should have been changed by using
dbms_utility.get_hash_value.
Please note that earlier versions of Opatch are quite unreliable and allow
patch information to be accessed by any OS user.
Potential DBA Discussion criticality platform
no one should need write access to the files in the bin so there
should not be discussion on this point. It is possible to run with
tighter permissions though this should be tested and support from
Oracle verified.
1 ALL
time to lock and unlock when needed 1 ALL
may be difficult after the fact as scripts may be hardcoded with this
data
2 ALL
DBA do not want to use sudo so could disable remote login
instead so have to su
2 Unix
from fresh install no discussion needed on this point. 2 ALL
DBA wants to use intelligent agent --> at least change the
password for DBSNMP to a secure password. ALTER USER
DBSNMP IDENTIFIED BY "SECURE PASSWORD"; See auditing
weak passwords later.
1
If files may need to be read by those outside of the OSDBA group
then could set 027 but depends on how many people are in the
OSDBA group and how structured. If only two in
OSDDBA/SYSDBA group then maybe 027 might be more time
efficient but our recommendation is 022.
1 Unix
- 1 Unix
none needed 1 Win
none needed 1 Unix
- 1 Win
there may be additional discussion on who exactly will be a
member of the OSDBA group which is a business decision. Need
to have more than one person but not much more. Users that do
not need complete power should access as SYSOPER for
maintenance or as a low privileged Oracle db account directly.
Least privilege is the key.
1 ALL
- 1 Unix
none needed 1 Unix
none needed 2 Win
- 3 ALL
if absolutely needed could keep on production server but would
need v.good reason such as no other place to read the trace files
which had to be read there.
3 ALL
none needed 2 ALL
If a different user from ORACLE is used but in the same group
then permisssions should be 660.
1 ALL
DBA may wish not correlate logs. The first time this is done takes
along time but once a process is in place it can be automated.
Time synchronisation will also be important for single sign on if
and when implemented so it is a good idea to implement time
syncrhonisation anyway.
3 ALL
- 2 ALL
- 2 ALL
none needed 3 ALL
if using veritas volume manager or similar then will have to use the
tools supplied with that software.
1 Unix
who gets permissions to ps is the question here. Root has it and
ORACLE may need it as well as OSDBA and OSOPER. It should
be limited below these users.
1 Unix
- 2 Unix
none needed 2 Unix
DBA may say that this is a lot of work on each client. The option is
Oracle Advanced Security which is expensive or to - as it is. An
advanced attacker can sniff traffic and gain the plain text of the
password if they have the hash of the password that is being used.
It is a business and context decision as to whether the risk of
malicious sniffing and unencryption warrants the extra work/cost of
securing each client. A high security network should take this
precaution.
2 ALL
none needed 3 ALL
- 1 ALL
- 1 ALL
none needed 1 ALL
3 Unix
none needed 3 Unix
discussion about what is essential. Can use scripts that prompt the
user to input their password manually as compromise.
3 ALL
It may be the case that an automated script with a password is
required then encrypt the password or at the very least limit the
permissions so that it cannot be read by an unauthorised user.
2 ALL
- 2 Unix
- 2 ALL
none needed 2 ALL
none needed except that use of tripwire should be tested
thoroughly before installation to make sure that it does not
interfere with the smooth running of the server. If it does then
manual checksumming of the oracle binaries can be carried out,
recorded and then checked at agreed intervals.
2 ALL
May be too time consuming for the benefit but this is potentially
very beneficial in all but a completely trusted network environment.
2 ALL
- 2 Unix
- 3 ALL
none needed 2 ALL
none needed 2 ALL
maybe DBA does not want to run a large find command on the
machine while in production as may slow it down. Therefore can
check the trace files manually and check for ALTER SESSION
privileges.
3 ALL
- 3 ALL
should be no discussion on this but users may need to kill their
own sessions therefore use kill command on UNIX or orakill.exe
on windows to replace the ALTER SESSION capability
1 ALL
Running this find command on all files will slow down the machine
whilst it is being done. This should be done whilst the machine is
offline. Also change the passwords after a full export/import
between machine environments e.g. production to development.
1 ALL
- 1 ALL
The archive logs can take up a lot of space so a remote dedicated
storage is safer and easier to manager in terms of disk space.
Access to these logs should be strictly controlled as they can allow
the database to be reinstated on a separate machine especially if
the database structure is known.
2 ALL
- 2 ALL
none needed 2 ALL
Native PLSQL runs quicker so development team may require this
functionality.
Both requirements can be met by setting the parameters for the
developer as the PLSQL needs compiling and then setting it back.
This should be a rare occurance and therefore not take up too
much itme.
1 ALL
3 ALL
Where Windows is being used migrate towards 2003 OS 1 Win
none needed 3 ALL
check the security of the web application to the database. An audit
can useful in these situations. What encrytion is used by the
application. Is the database security stronger the application
password security.
3 ALL
SQuirreL allows password auditing without actually viewing the
passwords.
1 ALL
none needed 2 ALL
- 3 ALL
Default accounts is a pretty clear subject so should not be too
much discussion. The main stumbling block is DBSNMP as this is
used as the account that the Oracle intelligent uses to gather data
remotely as part of Oracle Enterprise Manager (OEM) which is a
GUI tool for managing many servers in an easy way.
see the securing DBSNMP section.
1 ALL
- 1 ALL
The exact composition and settings of a profile are flexible to the
policy and business need. As a minimum there should at least be
a default profile with password management features enabled
though the values would be negotiable. If there are many contexts
then different profiles should be implemented to satisfy all groups
needs.
1 ALL
- 2 ALL
- 2 ALL
There may be some resistance to changing the SYS and SYSTEM
passwords to a known secure password but this should be ignored
unless exceptionally good reason. Changing these passwords
should be a matter of course as they will become more insecure
over time . These passwords should be changed each month
anyway. Changing them should not inconvenience the DBA and it
will ensure they are secure and able to change.
1 ALL
- 1 ALL
- 2 ALL
none needed 2 ALL
none needed 3 ALL
- 1 ALL
- this 2 ALL
auditing accounts for weak passwords can take along time so it is
recommended to automate this process either using an SQL script
locally or a remote testing application such as NGS SQuirreL for
Oracle which is available as a free trial from
http://www.ngssoftware.com/squirrelora.htm
2 ALL
- this 3 ALL
- 5 ALL
- 5 ALL
- 4 ALL
This point clearly needs implementing the only question should be
how which would be business process decision. It would be useful
to allocate a business process owner so that could be responsible
for removing leaving accounts and checking this has been done in
Oracle.
2 ALL
none needed 3 ALL
- 4 ALL
no problem running the query but problem when passwords are
found so have to prepare for this. It may be the case that the
auditor should not view the passwords depending on privacy
policy.
If weak passwords are found this way then need to secure the
tables that contain the passwords and talk the application provider.
3 ALL
3 ALL
none needed 3 ALL
Business decision as to what Java permissions are required if
Java is being used at all.
2 ALL
- 2 ALL
none needed 3 ALL
- 2 ALL
none needed 3 ALL
- 4 ALL
For DBA here is seperate Extproc listener if needed but try to
avoid Extproc if possibly can.
LISTENER EXT =
(DESCRIPTION LIST =
(DESCRIPTION =
(ADDRESS-LIST =
(ADDRESS = (PROTOCOL = IPC) (KEY= EXTPROC)))))
SID-LIST EXT =
(SID-LIST =
(SID-DESC =
(SID-NAME = PLsExtPr0c)
(ORACLE-HOME = /export/home/uOl/app/oracle/product/9.0.1)
(PROGRAM = extproc)
)
)
1 ALL
- 4 ALL
none needed. 3 ALL
none needed. 3 ALL
- 4 ALL
- 4 ALL
- 5 ALL
- 5 ALL
Not aware of any good reasons not to do this. Disk space is a bad
reason given the fall in disk prices.
2 ALL
- 4 ALL
- 4 ALL
- 4 ALL
- 3 ALL
- 4 ALL
- 3 ALL
2 ALL
- 4 ALL
- 1 ALL
none needed. 3 ALL
none needed. 1 ALL
none needed. 3 ALL
none needed. 3 ALL
none needed. 3 ALL
- 2 ALL
none needed. 2 ALL
none needed. 2 ALL
2 ALL
There will probably be SYSTEM and OUTLN objects which are
default with Oracle but this check is looking for objects from other
users which are out of place.
1 ALL
Compromise to taking away DBA role is to strip down the
privileges of this role so it is not such a security risk.
1 ALL
The DBA role and SYS user will have this privilege. 1 ALL
create any directory does not have a non ANY version but most
privs can be assigned more precisely so revoking ANY privileges
should be enforced strongly. The DBA role and SYS user will have
this privilege.
1 ALL
- 2 ALL
busines processs required to match the allocation of system
privileges to the business requirement.
1 ALL
- 2 ALL
This is debatable given the disadvantages of roles already
highlighted so this item is not critical.
3 ALL
none needed should be enforced. 1 ALL
- 3 ALL
- 2 ALL
- 3 ALL
- 3 ALL
- 2 ALL
none needed. 2 ALL
none needed as previously addressed. 2 ALL
- 1 ALL
- 1 ALL
- 2 ALL
- 2 ALL
- 1 ALL
none needed - not negotiable 1 ALL
Some packages need PUBLIC execute but many should not.
Many recent PLSQL injection attacks are targetted at SYS owned
definer rights PLSQL packages that PUBLIC has execute upon.
Therefore execute should certainly be revoked on PUBLIC
packages unless absolutely necessary. In either case the use of
PUBLIC execute on SYS owned packages should certainly be
audited, controlled and in the future deprecated.
1 ALL
- 2 ALL
- 1 ALL
- 2 ALL
Need to be able to verify which directories are actually needed. 2 ALL
none needed 2 ALL
This is will cause mod_plsql to stop working which will require
execute being granted to the account used by the appserver to
work again.
2 ALL
ROLES granted to ROLES can cause an obfuscated hierarchy of
privilges which can make it difficult to work out what privileges a
user actually has so this item in the guide should be tempered with
the proviso not to layer ROLES too deeply.
2 ALL
- 4 ALL
- 1 ALL
- 2 ALL
1 ALL
Thorough testing of the new ROLE to replace CONNECT would
require time and testing.
2 ALL
discretionary 2 ALL
This will take a long time and needs to be broken down into
stages. The main amount of results will be the object privs form
dba_tab_privs. Prioritise the others first and then prioritise SYS
owned objects and objects that have known vulnerabilities.
2 ALL
- 3 ALL
- 3 ALL
- 2 ALL
- 3 ALL
agreeing how long a session can be left idle before it is
disconnected is the main issue here and it depends on the power
of the account and security context of the environment being
used. DBA accounts should cut out more quickly and have less
sessions per user normally.
3 ALL
- 2 ALL
none needed 3 ALL
none needed 3 ALL
- 1 ALL
none needed 3 ALL
none needed 3 ALL
- 3 ALL
- 5 ALL
none needed 2 ALL
The permission of select any table is required by the DBSNMP
account for the intelligent agent to work which may be a factor in
keeping this privilege IF the Intelligent agent functionality is to be
kept.
1 ALL
- 1 ALL
- 1 ALL
the schema owner will still be able to create tables in their own
schema but not others. There needs to be a very good reason to
not do this for all but high privileged users.
2 ALL
time intensive. If time pressured and not v.high security then better
to approach from the direction of identifying the sensitive objects
and seeing who has privileges on them rather than this method
which looks at everything an individual can see and have to be
repeated for each individual.
2 ALL
none needed 2 ALL
Note that SYS AS SYSDBA cannot be locked in this way so
strenght in depth with the other measures needed especially
OSDBA access from OS.
2 ALL
none needed 2 ALL
- 4 ALL
- 2 ALL
none needed 2 ALL
none needed 2 ALL
There can be much discussion on Auditing and the
recommendations here represent the bare minimum that a server
should have and should not represent a detriment to the
performance of the server. Addtionally auditing can be added from
here and is highly flexible and complex. Of major importance is the
purging strategy as the more AUDIT the more logs and where to
store them. Please see Oracle Privacy Auditing by Arup Nanda for
more detail on Auditing on Oracle.
1 ALL
As long as the action being audited should not occur often and the
action is critical then it is justified.
2 ALL
- 2 ALL
Will this affect performance. Best to test beforehand on dev server
or at a time when contigencies have been put in place.
3 ALL
- 3 ALL
- 3 ALL
- 3 ALL
- 3 ALL
- 3 ALL
- 3 ALL
Some audit has to be done and therefore some review of audit
logs has to be done.
The question is how much and how often which is a business
decision sensitive to the security needs of that department.
3 ALL
- 4 ALL
- 2 ALL
should be unnegotiable. Please note that the newest functionality
in Oracle database called database vault is specifically designed
to withhold some control from senior DBA as this concept of
everyone being accountable to policy is of current concern.
http://www.oracle.com/technology/deploy/security/db_security/data
base-vault/index.html
1 ALL
OS is preferred as previously stated. 2 ALL
- 3 ALL
- 4 ALL
- 1 ALL
- 3 ALL
- 3 ALL
3 ALL
3 ALL
- 2 ALL
- 2 ALL
1 ALL
Minimum passworded Listener and very preferably should be
Admin Restrictions ON which is now the default in 10g.
Please see this document for more detail on securing the Oracle
Listener.
http://www.integrigy.com/info/Integrigy_OracleDB_Listener_Securit
y.pdf
It should be noted that some clustering software such as SUN
Solaris v3.0 cannot restart the Listener automatically if it fails and
is passworded. The new 3.1 version does.
1 ALL
- 4 ALL
- 5 ALL
Has a slight negative effect on performancy so only use when
having to tunnel through a firewall.
3 win
Can also use an Oracle aware firewall instead but Oracle Server
must be protected from direct access by untrusted network such
as the internet.
3 ALL
none needed. 2 ALL
none needed. 2 ALL
discretionary 3 ALL
- 2 ALL
none needed 2 ALL
discretionary 3 ALL
Architectural issue is complex and cannot presribe completely.
OID seems to be preferred route.
2 ALL
- 1 ALL
- 3 ALL
- 2 ALL
- 4 ALL
- 5 ALL
Shoud not be much discussion needed. 2 ALL
Shoud not be much discussion needed. 1 ALL
- 2 ALL
- 1 ALL
- 1 ALL
- 1 ALL
- 2 ALL
- 2 ALL
- 2 ALL
- 1 ALL
- 2 ALL
- 1 ALL
none needed. 3 ALL
depends on the security of the network environment.
At least put in place the previous securing DBSNMP
recommendations and preferably do not use at all. SQL*PLUS
command line over SSH is preferred admin tool.
2 ALL
- 2 ALL
none needed. 2 ALL
- 3 ALL
DBA's often appreciate this very well perhaps more fully than
many security researchers in the past though the potential for
attack via backups is now becoming more well known.
http://www.dbaoncall.net/references/ref_backup_strategy.html
1 ALL
not negotiable. 1 ALL
Should not be negotiable. 2 ALL
- 3 ALL
- 3 ALL
- 2 ALL
- 2 ALL
none needed 2 ALL
none needed 2 ALL
- 2 ALL
- 3 ALL
- 3 ALL
- 3 ALL
- 5 ALL
- 4 ALL
should not be needed. 2 ALL
- 4 ALL
- 4 ALL
It is relatively easy to wrap the code. The question will be keeping
the clear text version of the code and being able to keep a record
of the state of the currently used version of the package which is
where checksummng can be useful.
2 ALL
This process can be automated so should not take long. 3 ALL
none needed 3 ALL
This process is difficult to do automatically and if there is a lot of
code it may be worth seeking a specialised Code Review
consultancy.
2 ALL
- 3 ALL
none needed 2 ALL
- 2 ALL
none needed 3 ALL
- 4 ALL
- 4 ALL
- 2 ALL
- 3 ALL
none needed 3 ALL
- 3 ALL
There may be teething stage for a new application that requires
temporary privileges to the production server to be granted to
development. A process should be in place to make sure that any
temporary accounts are deleted after a set period of time.
If real data does get in to the development db then the top priority
is to make sure that the DB account usenames and passwords
transferred are deleted and new ones created.
2 ALL
- 2 ALL
- 2 ALL
- 2 ALL
- 2 ALL
- 1 ALL
- 2 ALL
- 2 ALL
- 2 ALL
2 ALL
- 2 ALL
There is not always a choice in this depending on the third party
application.
1 ALL
- 2 ALL
if not possible at least ensure that the schema owner has not
been granted the DBA role.
2 ALL
- 2 ALL
- 2 ALL
- 5 ALL
Certainly no plaintext username and passwords. 2 ALL
- 2 ALL
discussion should not be needed. 2 ALL
1 ALL
- 1 ALL
- 1 ALL
1 ALL
The PUP can be bypassed so it should not be relied on heavilly.
On the Oracle server SQL*PLUS security can be strengthened by
making sure that no one other than ORACLE can access the
sqlplus binary.
3 ALL
- 3 ALL
It would normally agreed that there should be some data encyrpted
and the DBA should certainly have the ability to encrypt data. How
much data and how to encrypt data without the DBA's control over
decryption is a business decission.
2 ALL
- 2 ALL
- 2 ALL
- 2 ALL
- 2 ALL
- 3 ALL
- 2 ALL
- 2 ALL
- 1 ALL
- 3 ALL
- 2 ALL
- 2 ALL
- 3 ALL
- 2 ALL
should not be negotiable. 1 ALL
should not be negotiable. 1 ALL
delist from google cache and archive.org and sanitise all data that
is to be made external including to ORACLE support.
2 ALL
should not be negotiable. The problem is the time to do this.
It is advisable to pay for an advanced scanner like NGS SQuirreL
for Oracle which has the updates contained within it and
automates the process of scanning for vulnerabilities through an
enterprise.
version
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 9i
>= 9i
ALL
ALL
ALL
ALL
>= 8
ALL
>= 8
ALL
ALL
ALL
>= 8i
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 9i
ALL
ALL
ALL
ALL
ALL
ALL
>= 8
>= 8
>= 8
>= 7
ALL
ALL
>= 8
9iAS
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 9i
>= 9i
ALL
>= 9i
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>=9i
>=10g
ALL
ALL
ALL
ALL
ALL
ALL
>= 8
>=8.1.7
>=8.1.7
>=8.1.7
ALL
ALL
>= 8i
ALL
ALL
ALL
>= 8
ALL
ALL
>=10g
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 8
>= 8
>= 8
>= 8
ALL
ALL
ALL
ALL
>=8i
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>=9iR2
>= 8i
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>=9iR2
ALL
ALL
ALL
>= 8
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 8
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
ALL
>= 9i
>= 9i
>= 9i
>= 9i
>= 9i
>= 9i
>= 9i
ALL
ALL
Security Alert Number And Description MetaLink Note ID
Alert 68, Oracle Security Update 281188.1
Alert 67, Unauthorized Access Vulnerabilities in Oracle E-Business Suite 274356.1
Alert 66, Security Vulnerabilities in Oracle Application Server Web Cache 265308.1
Alert 65, Security Vulnerability in Oracle9i Application and Database Servers 258997.1
Alert 64, Security Vulnerabilities in Oracle9i Database Server 263508.1
Alert 63, Security Vulnerabilities in Oracle9i Lite 263509.1
Alert 62, SSL Update for CERT CA-2003-26 and older SSL issues 258996.1
Alert 61, SQL Injection Vulnerability in Oracle9i Application Server 253982.1
Alert 60, Unauthorized Access to Restricted Content in Oracle Files 252706.1
Alert 59, Buffer Overflow in Oracle Database Server Binaries 251910.1
Alert 58, Buffer Overflow in the XML Database of Oracle9i Database Server 246202.1
Alert 57, Buffer Overflows in EXTPROC of Oracle Database Server 244523.1
Alert 56, Buffer Overflow Vulnerability in Oracle E-Business Suite 244335.1
Alert 55, Unauthorized Disclosure of Information in Oracle E-Business Suite 244294.1
Alert 54, Buffer Overflow in Net Services for Oracle Database Server 237172.1
Alert 53, Report Review Agent Vulnerability in Oracle E-Business Suite 235262.1
Alert 52, Security Vulnerabilities in Oracle9i Application Server 229288.1
Alert 51, Buffer Overflow in ORACLE executable of Oracle9i Database Server 229287.1
Alert 50, Buffer Overflow in Oracle9i Database Server 229286.1
Alert 47, Security Vulnerabilities in Oracle9i Application Server 224215.1
Alert 46, Buffer Overflow in iSQL*Plus (Oracle9i Database Server) 216775.1
Alert 45, Security Release of Apache 1.3.27 214356.1
Alert 44, Unauthorized Access Vulnerability in Oracle E-Business Suite, Release 11i 213415.1
Alert 43, Oracle9iApplication Server Web Cache Administration Tool Vulnerability 213413.1
Alert 42, Denial of Services Against Oracle Net Services 213411.1
Alert 41, Oracle9iApplication Server Oracle Java Server Pages Demo Vulnerability 207272.1
Alert 40, Oracle Net Listener Vulnerabilities 207269.1
Alert 39, Web Cache Oracle9i Application Server Password Vulnerability 207271.1
Alert 38, Oracle Net Denial of Service Security Vulnerability 207268.1
Alert 37, OpenSSL Buffer Overflow 206034.1
Alert 36, Security Vulnerability in Apache HTTP Server of Oracle9i Application Server 200873.1
Alert 35, Buffer Overflow Vulnerability in Oracle9iAS Reports Server 198531.1
Alert 34, Buffer Overflow Vulnerability in Oracle Net (Oracle9i Database Server) 198544.1
Alert 33, User Privileges Vulnerability in Oracle9i Database Server 185074.1
Alert 32, Unauthorized Access Vulnerability in the Oracle E-business Suite 185073.1
Alert 31, Oracle Configurator Cross Site Scripting Vulnerability 182244.1
Alert 30, SNMP Vulnerability in Oracle Enterprise Manager, Master_Peer Agent, for Oracle9i
Database
183556.1
Alert 29, Vulnerability in PL/SQL EXTPROC in Oracle9i Database 175429.1
Alert 28, Vulnerabilities in Oracle mod_plsql and JSP in Oracle9i Application Server 175428.1
Alert 27, Vulnerabilities in Oracle9i Application Server Webcache 169628.1
Alert 26, Denial of Service against Oracle9i Application Server 168862.1
Alert 25, Vulnerabilities in mod_plsql 168863.1
Alert 24 was never released -
Alert 23, Oracle Database Server DBSNMP Vulnerabilities 167001.1
167004.1
167007.1 37377
Alert 22, Oracle9i Application Server Default SOAP Configuration 166869.1
Alert 21, Oracle Label Security Mandatory Security Patch 163726.1
Alert 20, Oracle File Overwrite Security Vulnerability 163727.1
Alert 19, Oracle Trace Collection Security Vulnerability 163728.1
Alert 18, Oracle9iAS Web Cache Overflow Vulnerability 163729.1
Alert 17, Oracle Internet Directory Buffer Overflow Vulnerability 152780.1
Alert 16, Oracle SQL*Net and Net8 Malformed Packet Denial of Service Vulnerability 151260.1
Alert 15, Buffer Overflow Vulnerability in the Oracle8i Listener 151259.1
Alert 14, Oracle SQL*Net/Net8 Denial of Service Vulnerabilities 151261.1
151290.1
151291.1
151292.1 37290
37290
37504
37504
Alert 13, Oracle Redirect Denial of Service Vulnerability 153289.1
Vulnerability in Oracle E-Business Suite Release 11i Applications Desktop Integrator No MetaLink Note
Forms Launched Insecurely from Oracle E-Business Suite No MetaLink Note
Oracle JVM FilePermission Vulnerability No MetaLink Note
Security Bug with JSPs and the Oracle 8.1.7 Directory Traversal Vulnerability 135885.1
Unintended Execution of Oracle JSP No MetaLink Note
Oracle XSQL Servlet Vulnerability No MetaLink Note
Oracle Connection Manager Control SUID No MetaLink Note
Oracle Internet Directory Buffer Overflows No MetaLink Note
mod_plsql exclusion_list Announcement No MetaLink Note
Oracle Internet Application Server No MetaLink Note
Oracle Enterprise Manager Backup and Recovery 130119.1
Vulnerability in the Oracle Listener 124742.1
Oracle Application Server: Remote Command Execution 108139.1
Unprotected Oracle Installer File No MetaLink Note
Latest Version/Date
Rev 4, 2 March 2005
Rev 1, 3 June 2004
Rev 2, 2 April 2004
Rev 4, 2 June 2004
Rev 2, 20 May 2004
Rev 1, 18 February 2004
Rev 1, 04 December 2003
Rev 3, 13 November 2003
Rev 1, 28 October 2003
Rev 1, 18 August 2003
Rev 1, 23 July 2003
Rev 1, 23 July 2003
Rev 2, 30 April 2003
Rev 3, 03 March 2003
Rev 3, 23 July 2003
Rev 6, 20 May 2004
Rev 3, 16 December 2002
37477
37449
37412
37412
37363
37363
37347
37320
37840
37442
37253
38142
37046
-
37522
37182
37182
37224
37182
37167
37504
37504
37216
37032
37011
36935
38294
36935
36914
36922
36922
36901
36888
37358
38190
37291
36630
Oracle 3 BRIO_ADMIN BRIO_ADMIN EB50644BE27DF70B
Oracle 3 BRUGERNAVN ADGANGSKODE 2F11631B6B4E0B6F
Oracle 3 BRUKERNAVN PASSWORD 652C49CDF955F83A
Oracle 2 BSC BSC EC481FD7DCE6366A
Oracle 3 BUG_REPORTS BUG_REPORTS E9473A88A4DD31F2
Oracle 3 CALVIN HOBBES 34200F94830271A3
Oracle 3 CATALOG CATALOG 397129246919E8DA
Oracle 2 CCT CCT C6AF8FCA0B51B32F
Oracle 3 CDEMO82 CDEMO82 7299A5E2A5A05820
Oracle 3 CDEMO82 CDEMO83 67B891F114BE3AEB
Oracle 3 CDEMO82 UNKNOWN 73EAE7C39B42EA15
Oracle 3 CDEMOCOR CDEMOCOR 3A34F0B26B951F3F
Oracle 3 CDEMORID CDEMORID E39CEFE64B73B308
Oracle 3 CDEMOUCB CDEMOUCB CEAE780F25D556F8
Oracle 3 CDOUGLAS CDOUGLAS C35109FE764ED61E
Oracle 2 CE CE E7FDFE26A524FE39
Oracle 3 CENTRA CENTRA 63BF5FFE5E3EA16D
Oracle 3 CENTRAL CENTRAL A98B26E2F65CA4D3
Oracle 3 CIDS CIDS AA71234EF06CE6B3
Oracle 3 CIS CIS 7653EBAF048F0A10
Oracle 3 CIS ZWERG AA2602921607EE84
Oracle 3 CISINFO CISINFO 3AA26FC267C5F577
Oracle 3 CISINFO ZWERG BEA52A368C31B86F
Oracle 4 CLARK CLOTH 7AAFE7D01511D73F
Oracle 3 CLKANA <UNKNOWN>
Oracle 3 CLKRT <UNKNOWN>
Oracle 2 CN CN 73F284637A54777D
Oracle 1 COMPANY COMPANY 402B659C15EAF6CB
Oracle 3 COMPIERE COMPIERE E3D0DCF4B4DBE626
Oracle 3 CQSCHEMAUSER PASSWORD 04071E7EDEB2F5CC
Oracle 3 CQUSERDBUSER PASSWORD 0273F484CD3F44B7
Oracle 2 CRP CRP F165BDE5462AD557
Oracle 2 CS CS DB78866145D4E1C3
Oracle 2 CSC CSC EDECA9762A8C79CD
Oracle 2 CSD CSD 144441CEBAFC91CF
Oracle 3 CSE CSE D8CC61E8F42537DA
Oracle 2 CSF CSF 684E28B3C899D42C
Oracle 3 CSI CSI 71C2B12C28B79294
Oracle 3 CSL CSL C4D7FE062EFB85AB
Oracle 3 CSMIG CSMIG 09B4BB013FBD0D65
Oracle 2 CSP CSP 5746C5E077719DB4
Oracle 2 CSR CSR 0E0F7C1B1FE3FA32
Oracle 2 CSS CSS 3C6B8C73DDC6B04F
Oracle 3 CTXDEMO CTXDEMO CB6B5E9D9672FE89
Oracle 1 CTXSYS <UNKNOWN>
Oracle 1 CTXSYS CHANGE_ON_INSTAL
L
71E687F036AD56E5
Oracle 1 CTXSYS CTXSYS 24ABAB8B06281B4C
Oracle 1 CTXSYS UNKNOWN A13C035631643BA0
Oracle 2 CUA CUA CB7B2E6FFDD7976F
Oracle 2 CUE CUE A219FE4CA25023AA
Oracle 2 CUF CUF 82959A9BD2D51297
Oracle 3 CUG CUG 21FBCADAEAFCC489
Oracle 2 CUI CUI AD7862E01FA80912
Oracle 2 CUN CUN 41C2D31F3C85A79D
Oracle 2 CUP CUP C03082CD3B13EC42
Oracle 2 CUS CUS 00A12CC6EBF8EDB8
Oracle 2 CZ CZ 9B667E9C5A0D21A6
Oracle 2 DBI MUMBLEFRATZ D8FF6ECEF4C50809
Oracle 3 HR <UNKNOWN> 33EBE1C63D5B7FEF
Oracle 3 HR CHANGE_ON_INSTAL
L
6399F3B38EDF3288
Oracle 3 HR HR 4C6D73C3E8B0F0DA
Oracle 2 HRI HRI 49A3A09B8FC291D0
Oracle 3 HVST HVST 5787B0D15766ADFD
Oracle 2 HXC HXC 4CEA0BF02214DA55
Oracle 2 HXT HXT 169018EB8E2C4A77
Oracle 2 IBA IBA 0BD475D5BF449C63
Oracle 2 IBE IBE 9D41D2B3DD095227
Oracle 2 IBP IBP 840267B7BD30C82E
Oracle 2 IBU IBU 0AD9ABABC74B3057
Oracle 2 IBY IBY F483A48F6A8C51EC
Oracle 3 ICDBOWN ICDBOWN 76B8D54A74465BB4
Oracle 2 ICX ICX 7766E887AF4DCC46
Oracle 3 IDEMO_USER IDEMO_USER 739F5BC33AC03043
Oracle 2 IEB IEB A695699F0F71C300
Oracle 3 IEC IEC CA39F929AF0A2DEC
Oracle 2 IEM IEM 37EF7B2DD17279B5
Oracle 2 IEO IEO E93196E9196653F1
Oracle 2 IES IES 30802533ADACFE14
Oracle 2 IEU IEU 5D0E790B9E882230
Oracle 2 IEX IEX 6CC978F56D21258D
Oracle 3 IFSSYS IFSSYS 1DF0D45B58E72097
Oracle 2 IGC IGC D33CEB8277F25346
Oracle 2 IGF IGF 1740079EFF46AB81
Oracle 2 IGI IGI 8C69D50E9D92B9D0
Oracle 2 IGS IGS DAF602231281B5AC
Oracle 2 IGW IGW B39565F4E3CF744B
Oracle 3 IMAGEUSER IMAGEUSER E079BF5E433F0B89
Oracle 3 IMC IMC C7D0B9CDE0B42C73
Oracle 3 IMEDIA IMEDIA 8FB1DC9A6F8CE827
Oracle 3 IMT IMT E4AAF998653C9A72
Oracle 3 #INTERNAL ORACLE 87DADF57B623B777
Oracle 3 #INTERNAL SYS_STNT 38379FC3621F7DA2
Oracle 3 INTERNAL ORACLE AB27B53EDC5FEF41
Oracle 3 INTERNAL SYS_STNT E0BF7F3DDE682D3B
Oracle 2 INV INV ACEAB015589CF4BC
Oracle 2 IPA IPA EB265A08759A15B4
Oracle 2 IPD IPD 066A2E3072C1F2F3
Oracle 3 IPLANET IPLANET 7404A12072F4E5E8
Oracle 2 ISC ISC 373F527DC0CFAE98
Oracle 2 ITG ITG D90F98746B68E6CA
Oracle 2 JA JA 9AC2B58153C23F3D
Oracle 3 JAKE PASSWO4 1CE0B71B4A34904B
Oracle 2 JE JE FBB3209FD6280E69
Oracle 2 JG JG 37A99698752A1CF1
Oracle 3 JILL PASSWO2 D89D6F9EB78FC841
Oracle 2 JL JL 489B61E488094A8D
Oracle 3 JMUSER JMUSER 063BA85BF749DF8E
Oracle 3 JOHN JOHN 29ED3FDC733DC86D
Oracle 3 JONES STEEL B9E99443032F059D
Oracle 2 JTF JTF 5C5F6FC2EBB94124
Oracle 3 JTM JTM 6D79A2259D5B4B5A
Oracle 3 JTS JTS 4087EE6EB7F9CD7C
Oracle 3 JWARD AIROPLANE CF9CB787BD98DA7F
Oracle 3 KWALKER KWALKER AD0D93891AEB26D2
Oracle 3 L2LDEMO L2LDEMO 0A6B2DF907484CEE
Oracle 3 LBACSYS LBACSYS AC9700FD3F1410EB
Oracle 3 LIBRARIAN SHELVES 11E0654A7068559C
Oracle 3 MANPROD MANPROD F0EB74546E22E94D
Oracle 3 MARK PASSWO3 F7101600ACABCD74
Oracle 3 MASCARM MANAGER 4EA68D0DDE8AAC6B
Oracle 3 MASTER PASSWORD 9C4F452058285A74
Oracle 3 MDDATA MDDATA DF02A496267DEE66
Oracle 3 MDDEMO MDDEMO 46DFFB4D08C33739
Oracle 3 MDDEMO_CLERK CLERK 564F871D61369A39
Oracle 3 MDDEMO_CLERK MGR E5288E225588D11F
Oracle 3 MDDEMO_MGR MDDEMO_MGR 2E175141BEE66FF6
Oracle 1 MDSYS MDSYS 72979A94BAD2AF80
Oracle 2 ME ME E5436F7169B29E4D
Oracle 2 MFG MFG FC1B0DD35E790847
Oracle 3 MGR MGR 9D1F407F3A05BDD9
Oracle 3 MGWUSER MGWUSER EA514DD74D7DE14C
Oracle 3 MIGRATE MIGRATE 5A88CE52084E9700
Oracle 3 MILLER MILLER D0EFCD03C95DF106
Oracle 3 MMO2 MMO2 AE128772645F6709
Oracle 3 MMO2 MMO3 A0E2085176E05C85
Oracle 3 MMO2 UNKNOWN 62876B0382D5B550
Oracle 3 MODTEST YES BBFF58334CDEF86D
Oracle 3 MOREAU MOREAU CF5A081E7585936B
Oracle 2 MRP MRP B45D4DF02D4E0C85
Oracle 2 MSC MSC 89A8C104725367B2
Oracle 2 MSD MSD 6A29482069E23675
Oracle 2 MSO MSO 3BAA3289DB35813C
Oracle 2 MSR MSR C9D53D00FE77D813
Oracle 3 MTS_USER MTS_PASSWORD E462DB4671A51CD4
Oracle 3 MTSSYS MTSSYS 6465913FF5FF1831
Oracle 2 MWA MWA 1E2F06BE2A1D41A6
Oracle 3 MXAGENT MXAGENT C5F0512A64EB0E7F
Oracle 3 NAMES NAMES 9B95D28A979CC5C4
Oracle 3 NEOTIX_SYS NEOTIX_SYS 05BFA7FF86D6EB32
Oracle 3 NNEUL NNEULPASS 4782D68D42792139
Oracle 3 NOM_UTILISATEUR MOT_DE_PASSE FD621020564A4978
Oracle 3 NOMEUTENTE PASSWORD 8A43574EFB1C71C7
Oracle 3 NOME_UTILIZADOR SENHA 71452E4797DF917B
Oracle 3 NUME_UTILIZATOR PAROL 73A3AC32826558AE
Oracle 3 OAIHUB902 <UNKNOWN>
Oracle 3 OAS_PUBLIC OAS_PUBLIC A8116DB6E84FA95D
Oracle 3 OAS_PUBLIC <UNKNOWN> 9300C0977D7DC75E
Oracle 3 OCITEST OCITEST C09011CB0205B347
Oracle 3 OCM_DB_ADMIN <UNKNOWN>
Oracle 3 OCM_DB_ADMIN OCM_DB_ADMIN 2C3A5DEF1EE57E92
Oracle 3 ODM ODM C252E8FA117AF049
Oracle 3 ODM_MTR MTRPW A7A32CD03D3CE8D5
Oracle 3 ODS ODS 89804494ADFC71BC
Oracle 3 ODS_SERVER ODS_SERVER C6E799A949471F57
Oracle 3 ODSCOMMON ODSCOMMON 59BBED977430C1A8
Oracle 3 OE CHANGE_ON_INSTAL
L
9C30855E7E0CB02D
Oracle 3 OE UNKNOWN 62FADF01C4DC1ED4
Oracle 2 OE OE D1A2DFC623FDA40A
Oracle 3 OEM_REPOSITORY <UNKNOWN> 1FF89109F7A16FEF
Oracle 3 OEMADM OEMADM 9DCE98CCF541AAE6
Oracle 3 OEMREP OEMREP 7BB2F629772BF2E5
Oracle 3 OKB OKB A01A5F0698FC9E31
Oracle 2 OKC OKC 31C1DDF4D5D63FE6
Oracle 2 OKE OKE B7C1BB95646C16FE
Oracle 3 OKI OKI 991C817E5FD0F35A
Oracle 3 OKO OKO 6E204632EC7CA65D
Oracle 2 OKR OKR BB0E28666845FCDC
Oracle 2 OKS OKS C2B4C76AB8257DF5
Oracle 2 OKX OKX F9FDEB0DE52F5D6B
Oracle 3 OLAPDBA OLAPDBA 1AF71599EDACFB00
Oracle 3 OLAPSVR INSTANCE AF52CFD036E8F425
Oracle 3 OLAPSVR OLAPSVR 3B3F6DB781927D0F
Oracle 3 OLAPSYS MANAGER 3FB8EF9DB538647C
Oracle 3 OLAPSYS OLAPSYS C1510E7AC8F0D90D
Oracle 3 OMWB_EMULATION ORACLE 54A85D2A0AB8D865
Oracle 2 ONT ONT 9E3C81574654100A
Oracle 3 OO OO 2AB9032E4483FAFC
Oracle 3 OPENSPIRIT OPENSPIRIT D664AAB21CE86FD2
Oracle 2 OPI OPI 1BF23812A0AEEDA0
Oracle 3 ORACACHE <UNKNOWN>
Oracle 3 ORACACHE ORACACHE 5A4EEC421DE68DDD
Oracle 3 ORACLE ORACLE 38E38619A12E0257
Oracle 3 ORADBA ORADBAPASS C37E732953A8ABDB
Oracle 3 ORANGE <UNKNOWN> 3D9B7E34A4F7D4E9
Oracle 3 ORAPROBE ORAPROBE 2E3EA470A4CA2D94
Oracle 3 ORAREGSYS ORAREGSYS 28D778112C63CB15
Oracle 3 ORASSO ORASSO F3701A008AA578CF
Oracle 3 ORASSO_DS ORASSO_DS 17DC8E02BC75C141
Oracle 3 ORASSO_PA ORASSO_PA 133F8D161296CB8F
Oracle 3 ORASSO_PS ORASSO_PS 63BB534256053305
Oracle 3 ORASSO_PUBLIC ORASSO_PUBLIC C6EED68A8F75F5D3
Oracle 3 ORASTAT ORASTAT 6102BAE530DD4B95
Oracle 3 ORCLADMIN WELCOME 7C0BE475D580FBA2
Oracle 3 ORDCOMMON ORDCOMMON 9B616F5489F90AD7
Oracle 3 DATA_SCHEMA LASKJDF098KSDAF09 5ECB30FD1A71CC54
Oracle 2 DBSNMP DBSNMP E066D214D5421CCC
Oracle 3 DBVISION DBVISION F74F7EF36A124931
Oracle 3 DCM <UNKNOWN>
Oracle 3 DDIC 199220706 4F9FFB093F909574
Oracle 3 DEMO DEMO 4646116A123897CF
Oracle 3 DEMO8 DEMO8 0E7260738FDFD678
Oracle 3 DEMO9 DEMO9 EE02531A80D998CA
Oracle 3 DES DES ABFEC5AC2274E54D
Oracle 3 DES2K DES2K 611E7A73EC4B425A
Oracle 3 DEV2000_DEMOS DEV2000_DEMOS 18A0C8BD6B13BEE2
Oracle 3 DIANE PASSWO1 46DC27700F2ADE28
Oracle 2 DIP DIP CE4A36B8E06CA59C
Oracle 2 DISCOVERER_ADMIN DISCOVERER_ADMIN 5C1AED4D1AADAA4C
Oracle 3 DISCOVERER5 <UNKNOWN>
Oracle 3 DMSYS DMSYS BFBA5A553FD9E28A
Oracle 3 DPF DPFPASS E53F7C782FAA6898
Oracle 3 DSGATEWAY <UNKNOWN>
Oracle 3 DSGATEWAY DSGATEWAY 6869F3CFD027983A
Oracle 3 DSSYS DSSYS E3B6E6006B3A99E0
Oracle 3 DTSP DTSP 5A40D4065B3673D2
Oracle 2 EAA EAA A410B2C5A0958CDF
Oracle 2 EAM EAM CE8234D92FCFB563
Oracle 3 EARLYWATCH SUPPORT 8AA1C62E08C76445
Oracle 3 EAST EAST C5D5C455A1DE5F4D
Oracle 2 EC EC 6A066C462B62DD46
Oracle 2 ECX ECX 0A30645183812087
Oracle 3 EJB EJB 69CB07E2162C6C93
Oracle 3 EJSADMIN EJSADMIN 4C59B97125B6641A
Oracle 3 EJSADMIN EJSADMIN_PASSWOR
D
313F9DFD92922CD2
Oracle 3 EMP EMP B40C23C6E2B4EA3D
Oracle 2 ENG ENG 4553A3B443FB3207
Oracle 2 ENI ENI 05A92C0958AFBCBC
Oracle 3 ESTOREUSER ESTORE 51063C47AC2628D4
Oracle 3 EVENT EVENT 7CA0A42DA768F96D
Oracle 2 EVM EVM 137CEDC20DE69F71
Oracle 3 EXAMPLE EXAMPLE 637417B1DC47C2E5
Oracle 2 EXFSYS EXFSYS 66F4EF5650C20355
Oracle 3 EXTDEMO EXTDEMO BAEF9D34973EE4EC
Oracle 3 EXTDEMO2 EXTDEMO2 6A10DD2DB23880CB
Oracle 2 FA FA 21A837D0AED8F8E5
Oracle 2 FEM FEM BD63D79ADF5262E7
Oracle 2 FII FII CF39DE29C08F71B9
Oracle 3 FINANCE FINANCE 6CBBF17292A1B9AA
Oracle 3 FINPROD FINPROD 8E2713F53A3D69D5
Oracle 2 FLM FLM CEE2C4B59E7567A3
Oracle 3 FND FND 0C0832F8B6897321
Oracle 3 FOO BAR 707156934A6318D4
Oracle 2 FPT FPT 73E3EC9C0D1FAECF
Oracle 2 FRM FRM 9A2A7E2EBE6E4F71
Oracle 3 FROSTY SNOWMAN 2ED539F71B4AA697
Oracle 2 FTE FTE 2FB4D2C9BAE2CCCA
Oracle 2 FV FV 907D70C0891A85B1
Oracle 3 GL GL CD6E99DACE4EA3A6
Oracle 2 GMA GMA DC7948E807DFE242
Oracle 2 GMD GMD E269165256F22F01
Oracle 2 GME GME B2F0E221F45A228F
Oracle 2 GMF GMF A07F1956E3E468E1
Oracle 2 GMI GMI 82542940B0CF9C16
Oracle 2 GML GML 5F1869AD455BBA73
Oracle 2 GMP GMP 450793ACFCC7B58E
Oracle 2 GMS GMS E654261035504804
Oracle 3 GPFD GPFD BA787E988F8BC424
Oracle 3 GPLD GPLD 9D561E4D6585824B
Oracle 2 GR GR F5AB0AA3197AEE42
Oracle 3 HADES HADES 2485287AC1DB6756
Oracle 3 HCPARK HCPARK 3DE1EBA32154C56B
Oracle 3 HLW HLW 855296220C095810
Oracle 3 HR UNKNOWN 6E0C251EABE4EBB8
Oracle 2 ABM ABM D0F2982F121C7840
Oracle 4 ADAMS WOOD 72CDEF4A3483F60D
Oracle 3 ADLDEMO ADLDEMO 147215F51929A6E8
Oracle 3 ADMIN JETSPEED CAC22318F162D597
Oracle 3 ADMIN WELCOME B8B15AC9A946886A
Oracle 3 ADMINISTRATOR ADMIN F9ED601D936158BD
Oracle 3 ADMINISTRATOR ADMINISTRATOR 1848F0A31D1C5C62
Oracle 3 AHL AHL 7910AE63C9F7EEEE
Oracle 3 AHM AHM 33C2E27CF5E401A4
Oracle 2 AK AK 8FCB78BBA8A59515
Oracle 3 ALHRO XXX 049B2397FB1A419E
Oracle 3 ALHRW XXX B064872E7F344CAE
Oracle 3 ALR ALR BE89B24F9F8231A9
Oracle 2 AMS AMS BD821F59270E5F34
Oracle 2 AMV AMV 38BC87EB334A1AC4
Oracle 4 ANDY SWORDFISH B8527562E504BC3F
Oracle 3 ANONYMOUS ANONYMOUS FE0E8CE7C92504E9
Oracle 3 ANONYMOUS <INVALID> Anonymous
Oracle 3 AP AP EED09A552944B6AD
Oracle 3 APPLMGR APPLMGR CB562C240E871070
Oracle 3 APPLSYS APPLSYS FE84888987A6BF5A
Oracle 3 APPLSYS APPS E153FFF4DAE6C9F7
Oracle 3 APPLSYS FND 0F886772980B8C79
Oracle 3 APPLSYSPUB APPLSYSPUB D5DB40BB03EA1270
Oracle 3 APPLSYSPUB PUB D2E3EF40EE87221E
Oracle 3 APPLSYSPUB FNDPUB 78194639B5C3DF9F
Oracle 3 APPLYSYSPUB FNDPUB 78194639B5C3DF9F
Oracle 3 APPLYSYSPUB PUB A5E09E84EC486FC9
Oracle 3 APPLYSYSPUB <UNKNOWN> D2E3EF40EE87221E
Oracle 1 APPS APPS D728438E8A5925E0
Oracle 1 APPS_MRC APPS 2FFDCBB4FD11D9DC
Oracle 3 APPUSER APPPASSWORD 7E2C3C2D4BF4071B
Oracle 3 AQ AQ 2B0C31040A1CFB48
Oracle 3 AQDEMO AQDEMO 5140E342712061DD
Oracle 3 AQJAVA AQJAVA 8765D2543274B42E
Oracle 3 AQUSER AQUSER 4CF13BDAC1D7511C
Oracle 2 AR AR BBBFE175688DED7E
Oracle 3 ASF ASF B6FD427D08619EEE
Oracle 3 ASG ASG 1EF8D8BD87CF16BE
Oracle 3 ASL ASL 03B20D2C323D0BFE
Oracle 3 ASO ASO F712D80109E3C9D8
Oracle 3 ASP ASP CF95D2C6C85FF513
Oracle 3 AST AST F13FF949563EAB3C
Oracle 3 ATM SAMPLEATM 7B83A0860CF3CB71
Oracle 3 AUDIOUSER AUDIOUSER CB4F2CEC5A352488
Oracle 3 AURORA$JIS$UTILITY$ <INVALID> INVALID_ENCRYPTED_PASS
WORD
Oracle 3 AURORA$JIS$UTILITY$ INVALID E1BAE6D95AA95F1E
Oracle 3 AURORA$ORB$UNAUTH
ENTICATED
INVALID 80C099F0EADF877E
Oracle 3 AURORA$ORB$UNAUTH
ENTICATED
<INVALID> INVALID_ENCRYPTED_PASS
WORD
Oracle 3 AX AX 0A8303530E86FCDD
Oracle 3 AZ AZ AAA18B5D51B0D5AC
Oracle 3 BC4J BC4J EAA333E83BF2810D
Oracle 2 BEN BEN 9671866348E03616
Oracle 2 BIC BIC E84CC95CBBAC1B67
Oracle 2 BIL BIL BF24BCE2409BE1F7
Oracle 2 BIM BIM 6026F9A8A54B9468
Oracle 2 BIS BIS 7E9901882E5F3565
Oracle 3 BIV BIV 2564B34BE50C2524
Oracle 2 BIX BIX 3DD36935EAEDE2E3
Oracle 4 BLAKE PAPER 9435F2E60569158E
Oracle 3 BLEWIS BLEWIS C9B597D7361EE067
Oracle 2 BOM BOM 56DB3E89EAE5788E
Oracle 1 SYSMAN SYSMAN 447B729161192C24
Oracle 2 SYSTEM CHANGE_ON_INSTAL
L
8BF0DA8E551DE1B9
Oracle 1 SYSTEM D_SYSPW 1B9F1F9A5CB9EB31
Oracle 1 SYSTEM MANAGER D4DF7931AB130E37
Oracle 1 SYSTEM ORACLE 2D594E86F93B17A1
Oracle 1 SYSTEM SYSTEMPASS 4861C2264FB17936
Oracle 1 SYSTEM SYSTEM 970BAA5B81930A40
Oracle 1 SYSTEM MANAG3R 135176FFB5BA07C9
Oracle 1 SYSTEM ORACL3 E4519FCD3A565446
Oracle 1 SYSTEM 0RACLE 66A490AEAA61FF72
Oracle 1 SYSTEM 0RACL3 10B0C2DA37E11872
Oracle 1 SYSTEM ORACLE8 D5DD57A09A63AA38
Oracle 1 SYSTEM ORACLE9 69C27FA786BA774C
Oracle 1 SYSTEM ORACLE9I 86FDB286770CD4B9
Oracle 1 SYSTEM 0RACLE9I B171042374D7E6A2
Oracle 1 SYSTEM 0RACL39I D7C18B3B3F2A4D4B
Oracle 3 TAHITI TAHITI F339612C73D27861
Oracle 3 TALBOT MT6CH5 905475E949CF2703
Oracle 3 TDOS_ICSAP TDOS_ICSAP 7C0900F751723768
Oracle 3 TEC TECTEC 9699CFD34358A7A7
Oracle 3 TEST PASSWD 26ED9DD4450DD33C
Oracle 3 TEST TEST 7A0F2B316C212D67
Oracle 3 TEST_USER TEST_USER C0A0F776EBBBB7FB
Oracle 3 TESTPILOT TESTPILOT DE5B73C964C7B67D
Oracle 3 THINSAMPLE THINSAMPLEPW 5DCD6E2E26D33A6E
Oracle 3 TIBCO TIBCO ED4CDE954630FA82
Oracle 3 TIP37 TIP37 B516D9A33679F56B
Oracle 3 TRACESVR TRACE F9DA8977092B7B81
Oracle 3 TRAVEL TRAVEL 97FD0AE6DFF0F5FE
Oracle 3 TSDEV TSDEV 29268859446F5A8C
Oracle 3 TSUSER TSUSER 90C4F894E2972F08
Oracle 3 TURBINE TURBINE 76F373437F33F347
Oracle 3 UDDISYS <UNKNOWN>
Oracle 3 ULTIMATE ULTIMATE 4C3F880EFA364016
Oracle 3 UM_ADMIN UM_ADMIN F4F306B7AEB5B6FC
Oracle 3 UM_CLIENT UM_CLIENT 82E7FF841BFEAB6C
Oracle 3 USER USER 74085BE8A9CF16B4
Oracle 3 USER_NAME PASSWORD 96AE343CA71895DA
Oracle 3 USER0 USER0 8A0760E2710AB0B4
Oracle 3 USER1 USER1 BBE7786A584F9103
Oracle 3 USER2 USER2 1718E5DBB8F89784
Oracle 3 USER3 USER3 94152F9F5B35B103
Oracle 3 USER4 USER4 2907B1BFA9DA5091
Oracle 3 USER5 USER5 6E97FCEA92BAA4CB
Oracle 3 USER6 USER6 F73E1A76B1E57F3D
Oracle 3 USER7 USER7 3E9C94488C1A3908
Oracle 3 USER8 USER8 D148049C2780B869
Oracle 3 USER9 USER9 0487AFEE55ECEE66
Oracle 3 UTILITY UTILITY 81F2423D6811246D
Oracle 3 USUARIO CLAVE 1AB4E5FD2217F7AA
Oracle 3 UTLBSTATU UTLESTAT C42D1FA3231AB025
Oracle 2 VEA VEA D38D161C22345902
Oracle 2 VEH VEH 72A90A786AAE2914
Oracle 3 VERTEX_LOGIN VERTEX_LOGIN DEF637F1D23C0C59
Oracle 3 VIDEOUSER VIDEOUSER 29ECA1F239B0F7DF
Oracle 3 VIF_DEVELOPER VIF_DEV_PWD 9A7DCB0C1D84C488
Oracle 3 VIRUSER VIRUSER 404B03707BF5CEA3
Oracle 3 VPD_ADMIN AKF7D98S2 571A7090023BCD04
Oracle 3 VRR1 VRR1 811C49394C921D66
Oracle 3 VRR1 VRR2 3D703795F61E3A9A
Oracle 3 VRR1 UNKNOWN 3DA1893A5FCA23BF
Oracle 3 WEBCAL01 WEBCAL01 C69573E9DEC14D50
Oracle 3 WEBDB WEBDB D4C4DCDD41B05A5D
Oracle 3 WEBREAD WEBREAD F8841A7B16302DE6
Oracle 3 WEBSYS MANAGER A97282CE3D94E29E
Oracle 3 WEBUSER YOUR_PASS FD0C7DB4C69FA642
Oracle 3 WEST WEST DD58348364219102
Oracle 3 WFADMIN WFADMIN C909E4F104002876
Oracle 2 WH WH 91792EFFCB2464F9
Oracle 2 WIP WIP D326D25AE0A0355C
Oracle 3 WIRELESS <UNKNOWN>
Oracle 3 WKADMIN WKADMIN 888203D36F64C5F6
Oracle 3 WKPROXY WKPROXY AA3CB2A4D9188DDB
Oracle 3 WKPROXY CHANGE_ON_INSTAL
L
B97545C4DD2ABE54
Oracle 3 WKSYS CHANGE_ON_INSTAL
L
69ED49EE1851900D
Oracle 3 WKPROXY UNKNOWN 18F0B0E50B9F7B12
Oracle 3 WKSYS WKSYS 545E13456B7DDEA0
Oracle 3 WKUSER WKUSER 8B104568E259B370
Oracle 3 WK_SYS <UNKNOWN> 79DF7A1BD138CF11
Oracle 3 WK_TEST WK_TEST 29802572EB547DBF
Oracle 3 WK_PROXY <UNKNOWN> 3F9FBD883D787341
Oracle 2 WMS WMS D7837F182995E381
Oracle 3 WMSYS WMSYS 7C9BA362F8314299
Oracle 3 WOB WOB D27FA6297C0313F4
Oracle 2 WPS WPS 50D22B9D18547CF7
Oracle 2 WSH WSH D4D76D217B02BD7A
Oracle 2 WSM WSM 750F2B109F49CC13
Oracle 3 WWW WWW 6DE993A60BC8DBBF
Oracle 3 WWWUSER WWWUSER F239A50072154BAC
Oracle 3 XADEMO XADEMO ADBC95D8DCC69E66
Oracle 3 XDB CHANGE_ON_INSTAL
L
88D8364765FCE6AF
Oracle 2 XDP XDP F05E53C662835FA2
Oracle 2 XLA XLA 2A8ED59E27D86D41
Oracle 2 XNC XNC BD8EA41168F6C664
Oracle 3 XNI XNI F55561567EF71890
Oracle 2 XNM XNM 92776EA17B8B5555
Oracle 2 XNP XNP 3D1FB783F96D1F5E
Oracle 2 XNS XNS FABA49C38150455E
Oracle 3 XPRT XPRT 0D5C9EFC2DFE52BA
Oracle 2 XTR XTR A43EE9629FA90CAE
Oracle 3 MDDEMO_MGR MGR B41BCD9D3737F5C4
Oracle 1 SYSTEM D_SYSTPW 4438308EE0CAFB7F
Oracle 1 SYSTEM ORACLE8I FAAD7ADAF48B5F45
Oracle 1 SYSTEM 0RACLE8 685657E9DC29E185
Oracle 1 SYSTEM 0RACLE9 49B70B505DF0247F
Oracle 1 SYSTEM 0RACLE8I B49C4279EBD8D1A8
Oracle 1 SYSTEM 0RACL38 604101D3AACE7E88
Oracle 1 SYSTEM 0RACL39 02AB2DB93C952A8F
Oracle 1 SYSTEM 0RACL38I 203CD8CF183E716C
Oracle 1 SYS 0RACLE8 1FA22316B703EBDD
Oracle 1 SYS 0RACLE9 12CFB5AE1D087BA3
Oracle 1 SYS 0RACLE8I 380E3D3AD5CE32D4
Oracle 1 SYS 0RACL38 2563EFAAE44E785A
Oracle 1 SYS 0RACL39 E7686462E8CD2F5E
Oracle 1 SYS 0RACL38I 691C5E7E424B821A
Oracle 3 ORDPLUGINS ORDPLUGINS 88A2B2C183431F00
Oracle 2 ORDSYS ORDSYS 7EFA02EC7EA6B86F
Oracle 3 OSE$HTTP$ADMIN Invalid password INVALID_ENCRYPTED_PASS
WORD
Oracle 3 OSE$HTTP$ADMIN INVALID 05327CD9F6114E21
Oracle 2 OSM OSM 106AE118841A5D8C
Oracle 3 OSP22 OSP22 C04057049DF974C2
Oracle 3 OSSAQ_HOST <UNKNOWN>
Oracle 3 OSSAQ_PUB <UNKNOWN>
Oracle 3 OSSAQ_SUB <UNKNOWN>
Oracle 2 OTA OTA F5E498AC7009A217
Oracle 2 OUTLN OUTLN 4A3BA55E08595C81
Oracle 3 OWA OWA CA5D67CD878AFC49
Oracle 3 OWA_PUBLIC OWA_PUBLIC 0D9EC1D1F2A37657
Oracle 3 OWF_MGR <UNKNOWN>
Oracle 3 OWF_MGR OWF_MGR 3CBED37697EB01D1
Oracle 3 OWNER OWNER 5C3546B4F9165300
Oracle 2 OZF OZF 970B962D942D0C75
Oracle 2 OZP OZP B650B1BB35E86863
Oracle 2 OZS OZS 0DABFF67E0D33623
Oracle 2 PA PA 8CE2703752DB36D8
Oracle 3 PANAMA PANAMA 3E7B4116043BEAFF
Oracle 3 PATROL PATROL 0478B8F047DECC65
Oracle 3 PAUL PAUL 35EC0362643ADD3F
Oracle 3 PERFSTAT PERFSTAT AC98877DE1297365
Oracle 3 PERSTAT PERSTAT A68F56FBBCDC04AB
Oracle 2 PJM PJM 021B05DBB892D11F
Oracle 3 PLANNING PLANNING 71B5C2271B7CFF18
Oracle 3 PLEX PLEX 99355BF0E53FF635
Oracle 3 PLSQL SUPERSECRET C4522E109BCF69D0
Oracle 3 PM CHANGE_ON_INSTAL
L
72E382A52E89575A
Oracle 3 PM UNKNOWN F67E035BF8352CB4
Oracle 3 PM PM C7A235E6D2AF6018
Oracle 2 PMI PMI A7F7978B21A6F65E
Oracle 2 PN PN D40D0FEF9C8DC624
Oracle 1 PO PO 355CBEC355C10FEF
Oracle 3 PO7 PO7 6B870AF28F711204
Oracle 3 PO8 PO8 7E15FBACA7CDEBEC
Oracle 2 POA POA 2AB40F104D8517A0
Oracle 2 POM POM 123CF56E05D4EF3C
Oracle 3 PORTAL <UNKNOWN>
Oracle 3 PORTAL_APP <UNKNOWN>
Oracle 3 PORTAL_DEMO <UNKNOWN>
Oracle 3 PORTAL_DEMO PORTAL_DEMO A0A3A6A577A931A3
Oracle 3 PORTAL_PUBLIC <UNKNOWN>
Oracle 3 PORTAL_SSO_PS PORTAL_SSO_PS D1FB757B6E3D8E2F
Oracle 3 PORTAL30 PORTAL30 969F9C3839672C6D
Oracle 3 PORTAL30 PORTAL31 D373ABE86992BE68
Oracle 3 PORTAL30_ADMIN PORTAL30_ADMIN 7AF870D89CABF1C7
Oracle 3 PORTAL30_DEMO PORTAL30_DEMO CFD1302A7F832068
Oracle 3 PORTAL30_PS PORTAL30_PS 333B8121593F96FB
Oracle 3 PORTAL30_PUBLIC PORTAL30_PUBLIC 42068201613CA6E2
Oracle 3 PORTAL30_SSO PORTAL30_SSO 882B80B587FCDBC8
Oracle 3 PORTAL30_SSO_ADMIN PORTAL30_SSO_ADM
IN
BDE248D4CCCD015D
Oracle 3 PORTAL30_SSO_PS PORTAL30_SSO_PS F2C3DC8003BC90F8
Oracle 3 PORTAL30_SSO_PUBLI
C
PORTAL30_SSO_PUB
LIC
98741BDA2AC7FFB2
Oracle 3 POS POS 6F6675F272217CF7
Oracle 3 POWERCARTUSER POWERCARTUSER 2C5ECE3BEC35CE69
Oracle 3 PRIMARY PRIMARY 70C3248DFFB90152
Oracle 2 PSA PSA FF4B266F9E61F911
Oracle 2 PSB PSB 28EE1E024FC55E66
Oracle 2 PSP PSP 4FE07360D435E2F0
Oracle 1 PUBSUB PUBSUB 80294AE45A46E77B
Oracle 3 PUBSUB1 PUBSUB1 D6DF5BBC8B64933E
Oracle 2 PV PV 76224BCC80895D3D
Oracle 2 QA QA C7AEAA2D59EB1EAE
Oracle 3 QDBA QDBA AE62CB8167819595
Oracle 2 QP QP 10A40A72991DCA15
Oracle 3 QS CHANGE_ON_INSTAL
L
8B09C6075BDF2DC4
Oracle 3 QS QS 4603BCD2744BDE4F
Oracle 3 QS UNKNOWN ACBD635B3A25405D
Oracle 3 QS_ADM CHANGE_ON_INSTAL
L
991CDDAD5C5C32CA
Oracle 3 QS_ADM QS_ADM 3990FB418162F2A0
Oracle 3 QS_ADM UNKNOWN BB424460EFEC9080
Oracle 3 QS_CB CHANGE_ON_INSTAL
L
CF9CFACF5AE24964
Oracle 3 QS_CB QS_CB 870C36D8E6CD7CF5
Oracle 3 QS_CB UNKNOWN A2A1265A6BDC8F36
Oracle 3 QS_CBADM CHANGE_ON_INSTAL
L
7C632AFB71F8D305
Oracle 3 QS_CBADM QS_CBADM 20E788F9D4F1D92C
Oracle 3 QS_CBADM UNKNOWN 58C823BA7A2D3D7F
Oracle 3 QS_CS CHANGE_ON_INSTAL
L
91A00922D8C0F146
Oracle 3 QS_CS QS_CS 2CA6D0FC25128CF3
Oracle 3 QS_CS UNKNOWN 5D85C7E8FB28375F
Oracle 3 QS_ES CHANGE_ON_INSTAL
L
E6A6FA4BB042E3C2
Oracle 3 QS_ES QS_ES 9A5F2D9F5D1A9EF4
Oracle 3 QS_ES UNKNOWN 723007181C44715C
Oracle 3 QS_OS CHANGE_ON_INSTAL
L
FF09F3EB14AE5C26
Oracle 3 QS_OS QS_OS 0EF5997DC2638A61
Oracle 3 QS_OS UNKNOWN 7ABBCF4BEB7854B2
Oracle 3 QS_WS CHANGE_ON_INSTAL
L
24ACF617DD7D8F2F
Oracle 3 QS_WS QS_WS 0447F2F756B4F460
Oracle 3 QS_WS UNKNOWN 8CF13718CDC81090
Oracle 3 RE RE 933B9A9475E882A6
Oracle 3 REP_MANAGER DEMO 2D4B13A8416073A1
Oracle 3 REP_OWNER DEMO 88D8F06915B1FE30
Oracle 3 REP_OWNER REP_OWNER BD99EC2DD84E3B5C
Oracle 3 REP_USER DEMO 57F2A93832685ADB
Oracle 3 REPADMIN REPADMIN 915C93F34954F5F8
Oracle 3 REPORTS_USER OEM_TEMP 635074B4416CD3AC
Oracle 3 REPORTS REPORTS 0D9D14FE6653CF69
Oracle 2 RG RG 0FAA06DA0F42F21F
Oracle 2 RHX RHX FFDF6A0C8C96E676
Oracle 2 RLA RLA C1959B03F36C9BB2
Oracle 2 RLM RLM 4B16ACDA351B557D
Oracle 3 RMAIL RMAIL DA4435BBF8CAE54C
Oracle 2 RMAN RMAN E7B5D92911C831E1
Oracle 3 RRS RRS 5CA8F5380C959CA9
Oracle 1 SAMPLE SAMPLE E74B15A3F7A19CA8
Oracle 3 SAP SAPR3 BEAA1036A464F9F0
Oracle 3 SAP 6071992 B1344DC1B5F3D903
Oracle 3 SAPR3 SAP 58872B4319A76363
Oracle 3 SCOTT TIGER F894844C34402B67
Oracle 3 SCOTT TIGGER 7AA1A84E31ED7771
Oracle 3 SDOS_ICSAP SDOS_ICSAP C789210ACC24DA16
Oracle 3 SECDEMO SECDEMO 009BBE8142502E10
Oracle 3 SERVICECONSUMER1 SERVICECONSUMER1 183AC2094A6BD59F
Oracle 3 SH CHANGE_ON_INSTAL
L
9793B3777CD3BD1A
Oracle 3 SH SH 54B253CBBAAA8C48
Oracle 3 SH UNKNOWN 1729F80C5FA78841
Oracle 3 SITEMINDER SITEMINDER 061354246A45BBAB
Oracle 3 SI_INFORMTN_SCHEMA SI_INFORMTN_SCHE
MA
84B8CBCA4D477FA3
Oracle 3 SLIDE SLIDEPW FDFE8B904875643D
Oracle 3 SPIERSON SPIERSON 4A0A55000357BB3E
Oracle 2 SSP SSP 87470D6CE203FB4D
Oracle 3 STARTER STARTER 6658C384B8D63B0A
Oracle 3 STRAT_USER STRAT_PASSWD AEBEDBB4EFB5225B
Oracle 3 SWPRO SWPRO 4CB05AA42D8E3A47
Oracle 3 SWUSER SWUSER 783E58C29D2FC7E1
Oracle 3 SYMPA SYMPA E7683741B91AF226
Oracle 1 SYS CHANGE_ON_INSTAL
L
D4C5016086B2DC6A
Oracle 1 SYS D_SYSPW 43BE121A2A135FF3
Oracle 2 SYS MANAGER 5638228DAF52805F
Oracle 1 SYS ORACLE 8A8F025737A9097A
Oracle 1 SYS SYS 4DE42795E66117AE
Oracle 1 SYS SYSPASS 66BC3FF56063CE97
Oracle 1 SYS MANAG3R 57D7CFA12BB5BABF
Oracle 1 SYS ORACL3 A9A57E819B32A03D
Oracle 1 SYS 0RACLE 2905ECA56A830226
Oracle 1 SYS 0RACL3 64074AF827F4B74A
Oracle 1 SYS ORACLE8 41B328CA13F70713
Oracle 1 SYS ORACLE9 0B4409DDD5688913
Oracle 1 SYS ORACLE8I 6CFF570939041278
Oracle 1 SYS ORACLE9I 3522F32DD32A9706
Oracle 1 SYS 0RACLE9I BE29E31B2B0EDA33
Oracle 1 SYS 0RACL39I 5AC333703DE0DBD4
Oracle 3 SYSADM SYSADM BA3E855E93B5B9B0
Oracle 3 SYSADMIN <UNKNOWN>
Oracle 3 SYSADMIN SYSADMIN DC86E8DEAA619C1A
Oracle 1 SYSMAN OEM_TEMP 639C32A115D2CA57
BRIO_ADMIN is an account of a 3rd party product.
9iR2 documentation
9iR2 documenation
BSC is a schema account from Oracle Applications. Default it has
several CREATE privileges.
From a book
CALVIN is an account to demonstrate AOLServer. It should not
exist in a production environment.
CATALOG is an account of a 3rd party product.
CCT is a schema account from Oracle Applications. Default it has
This is a training account. It should not be available in a
production environment.
CDOUGLAS is a schema owner of Workflow Iasdb
CE is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
CENTRA is an account that presumably manages Centra
application software.
CENTRAL is an administrative account for Quest Central(?).
CIDS is an account for Cerberus Intrusion Detection System.
CIS is an account for dbengine at interface
from CIS
CIS is an account for dbengine at interface
from CIS
CISINFO is an account for dbengine at interface
from CIS
CISINFO is an account for dbengine at interface
from CIS
CLKANA is an account for Oracle Clickstream Intelligence.
CLKRT is an account for Oracle Clickstream Intelligence.
CN is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
COMPANY is an account with DBA privileges which allow
to read
change and destroy all data in your
database.
COMPIERE is an account for the application Compiere.
CQSCHEMAUSER is a schema account of a 3rd party product.
CQUSERDBUSER is a user account of a 3rd party product.
CRP is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
CS is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
CSC is a schema account from Oracle Applications. Default it has
CSD is a schema account from Oracle Applications. Default it has
Oracle Applications
CSF is a schema account from Oracle Applications. Default it has
Oracle Applications
Oracle Applications
CSMIG is an account for Character Set Migrations.
CSP is a schema account from Oracle Applications. Default it has
CSR is a schema account from Oracle Applications. Default it has
CSS is a schema account from Oracle Applications. Default it has
CTXDEMO is a demonstration account of Oracle Context/Oracle
Text.
CTXSYS (Oracle Text/Intermedia Text/Context option) is an
account with DBA privileges and therefor allows to read
change and
destroy all
change and
destroy all
change and
destroy all
change and
destroy all
CUA is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
CUE is a schema account from Oracle Applications. Default it has
CUF is a schema account from Oracle Applications. Default it has
Oracle Applications
CUI is a schema account from Oracle Applications. Default it has
CUN is a schema account from Oracle Applications. Default it has
CUP is a schema account from Oracle Applications. Default it has
CUS is a schema account from Oracle Applications. Default it has
CZ is a schema account from Oracle Applications. Default it has
HRI is a schema account from Oracle Applications. Default it has
CA Harvest
HXC is a schema account from Oracle Applications. Default it has
HXT is a schema account from Oracle Applications. Default it has
IBA is a schema account from Oracle Applications. Default it has
IBE is a schema account from Oracle Applications. Default it has
IBP is a schema account from Oracle Applications. Default it has
IBU is a schema account from Oracle Applications. Default it has
IBY is a schema account from Oracle Applications. Default it has
ICDBOWN is the owner of BEA eLink Business Process Engine.
ICX is a schema account from Oracle Applications. Default it has
IEB is a schema account from Oracle Applications. Default it has
Oracle Applications
IEM is a schema account from Oracle Applications. Default it has
IEO is a schema account from Oracle Applications. Default it has
IES is a schema account from Oracle Applications. Default it has
IEU is a schema account from Oracle Applications. Default it has
IEX is a schema account from Oracle Applications. Default it has
IFSSYS is an account belonging to Oracle Internet File System.
IGC is a schema account from Oracle Applications. Default it has
IGF is a schema account from Oracle Applications. Default it has
IGI is a schema account from Oracle Applications. Default it has
IGS is a schema account from Oracle Applications. Default it has
IGW is a schema account from Oracle Applications. Default it has
IMAGEUSER is an account of an unknown 3rd party product.
Oracle Applications
IMEDIA is the schema account of the Intermedia option.
Oracle Applications
INV is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
IPA is a schema account from Oracle Applications. Default it has
IPD is a schema account from Oracle Applications. Default it has
IPLANET is an account belonging to iPlanet (now called Java
Enterprise System).
ISC is a schema account from Oracle Applications. Default it has
ITG is a schema account from Oracle Applications. Default it has
JA is a schema account from Oracle Applications. Default it has
JAKE is an account to demonstrate AOLServer. It should not exist
in a production environment.
JE is a schema account from Oracle Applications. Default it has
JG is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
JILL is an account to demonstrate AOLServer. It should not exist
in a production environment.
JL is a schema account from Oracle Applications. Default it has
JMUSER is the schema account of the General Ledger module of
the Oracle E-Business suite.
Book
JTF is a schema account from Oracle Applications. Default it has
Oracle Applications
Oracle Applications
9iR2 documenation
KWALKER is a schema owner of Workflow Iasdb
LBACSYS is an management account of Oracle Label Security. It
allows to change security settings for Oracle Label Security.
LIBRARIAN is an account that possibly belongs to ACD/Web
Librarian
software
targeted at
MARK is an account to demonstrate AOLServer. It should not
10g
MDDEMO_CLERK is a user account belonging to Oracle
Metadata API.
MDDEMO_MGR is an administration account for to Oracle
Metadata API.
The account MDSYS (Oracle Spatial administrator) has DBA-like
privileges
which allow
to read
database.
ME is a schema account from Oracle Applications. Default it has
MFG is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
10g
MRP is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
MSC is a schema account from Oracle Applications. Default it has
MSD is a schema account from Oracle Applications. Default it has
MSO is a schema account from Oracle Applications. Default it has
MSR is a schema account from Oracle Applications. Default it has
MTSSYS is an account for Microsoft Transaction Server support.
MWA is a schema account from Oracle Applications. Default it
has several CREATE privileges.
NNEUL is an account of Computer and Information Services from
the University of Missouri-Rolla.
9iR2 documenation
9iR2 documenation
9iR2 documenation
9iR2 documenation
OAIHUB902 is an account of Oracle 9iAS InterConnect (OAI).
OAS_PUBLIC is the schema account of older versions of Oracle
Webserver.
OCM_DB_ADMIN is an administrative account of Oracle9iAS
Certificate Manager (OCM).
OCM_DB_ADMIN is an administrative account of Oracle9iAS
Certificate Manager (OCM).
ODS is the schema of Oracle Internet Directory metadata.
ODS_SERVER is an administrative account for of Oracle Internet
Directory metadata.
ODSCOMMON is a user with acces to Oracle Internet Directory.
OE is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
OEM_REPOSITORY is the schema owner of Oracle Enterprise
Managers Repository.
Oracle Applications
OKC is a schema account from Oracle Applications. Default it has
OKE is a schema account from Oracle Applications. Default it has
Oracle Applications
Oracle Applications
OKR is a schema account from Oracle Applications. Default it has
OKS is a schema account from Oracle Applications. Default it has
OKX is a schema account from Oracle Applications. Default it has
OLAPDBA is an administrative account for the OLAP Services
option.
OLAPSVR is an administrative account for the OLAP Services
option.
OLAPSVR is an administrative account for the OLAP Services
option.
OLAPSYS is an administrative account for the OLAP Services
option.
OLAPSYS is an administrative account for the OLAP Services
option.
ONT is a schema account from Oracle Applications. Default it has
OPI is a schema account from Oracle Applications. Default it has
ORADBA is a DBA account of Computer and Information Services
from the University of Missouri-Rolla.
OR Solutions
User used to execute default password check scripts
ORASSO is the schema of Oracle9iAS Single Sign-On.
ORASSO_DS is an account belonging to Oracle9iAS Single Sign-
On.
ORASSO_PA is an account belonging to Oracle9iAS Single Sign-
On.
ORASSO_PS is an account belonging to Oracle9iAS Single Sign-
On.
ORASSO_PUBLIC is a public account for Oracle9iAS Single Sign-
On.
n/a
DBSNMP is an account for the Oracle Intelligent Agent. Under
certain circumstances it allows to read passwords from memory.
DBVISION is an administrative account of Platinum DBVision.
DCM is an administrative account of Oracle 9iAS Distributed
Configuration Manager.
This is a SAP application user ID.
DEMO is a commonly used name for demonstration accounts.
This should not exist in a production environment.
DEMO8 is some kind of demonstration account.
DEMO9 is some kind of demonstration account.
DES is a common name for a Oracle Designer account.
DES2K is an account of Oracle Designer 2000.
DEV2000_DEMOS is a demonstration account for Oracle
Developer.
DIANE is an account to demonstrate AOLServer. It should not
10g
DISCOVERER5 is an administrative account of Oracle9iAS
Discoverer.
10g
DPF is an account of Computer and Information Services from
the University of Missouri-Rolla.
DSGATEWAY is an account for Oracle Syndication Server.
DSGATEWAY is an account for Oracle Syndication Server.
DSSYS is an account for Oracle Dynamic Services/Web Services.
EAA is a schema account from Oracle Applications. Default it has
EAM is a schema account from Oracle Applications. Default it has
EC is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
ECX is a schema account from Oracle Applications. Default it has
EMP is an training account (I think). It should not be on production
environments.
ENG is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
ENI is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
ESTOREUSER is an administration account for WebSphere.
EVENT is an administration account for Oracle Discoverer.
EMV is a schema account from Oracle Applications. Default it has
9ir2
9ir2
FA is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
FEM is a schema account from Oracle Applications. Default it has
FII is a schema account from Oracle Applications. Default it has
FINANCE is a schema account for Oracle Financials.
OraSecurityChk.exe
FLM is a schema account from Oracle Applications. Default it has
FND is an account for Oracle Applications the
Financials
9ir2
FPT is a schema account from Oracle Applications. Default it has
FRM is a schema account from Oracle Applications. Default it has
FROSTY seems to be some kind of test account from a guide to
install Oracle on RedHat. This account should not be on
FTE is a schema account from Oracle Applications. Default it has
FV is a schema account from Oracle Applications. Default it has
GL is the schema account of the General Ledger module of the
Oracle E-Business suite.
GMA is a schema account from Oracle Applications. Default it has
GMD is a schema account from Oracle Applications. Default it has
GME is a schema account from Oracle Applications. Default it has
GMF is a schema account from Oracle Applications. Default it has
GMI is a schema account from Oracle Applications. Default it has
GML is a schema account from Oracle Applications. Default it has
GMP is a schema account from Oracle Applications. Default it has
GMS is a schema account from Oracle Applications. Default it has
GPFD is an account of an unknown 3rd party product
GR is a schema account from Oracle Applications. Default it has
HLW seems to be part of a 9iAS demo. It should not be on a
production environment then.
ABM is an account from Oracle Applications. It has amongst
others
CREATE DATABASE LINK privileges.
This is an account to demonstrate using LOBs in VBA code. It
should not be installed in a production environment.
ADMIN is an administration account of Apache Jetspeed.
ADMIN is a generally used accountname to administer a product
(like Apache Jetspeed).
ADMINISTRATOR is a commonly used name for management
accounts for applications.
ADMINISTRATOR is a commonly used name for management
accounts for applications.
Oracle Applications
Oracle Applications
AK is a schema account from Oracle Applications. Default it has
many ANY privileges
amongst
which
ALHRO is an unknown account.
ALHRW is an unknown account.
Oracle Applications
AMS is a schema account from Oracle Applications. Default it has
AMV is a schema account from Oracle Applications. Default it has
Usually it is not a good idea to have anonymous access to a
database.
Set by values
AP is an account for Oracle Applications specifically
Account
APPLSYS is an administration account for Oracle Applications. It
controls the Concurrent Manager.
APPLSYS is an administration account for Oracle Applications. It
controls the Concurrent Manager.
APPLYSYSPUB is an account for Oracle Applications. It has
UNLIMITED TABLESPACE.
APPLYSYSPUB is an account for Oracle Applications. It has
UNLIMITED TABLESPACE.
APPS is an often used name for management or schema
accounts for applications. In Oracle Applications it is a schema
APPS_MRC is a schema account from Oracle Applications. It has
DBA-like privileges.
APPUSER is an often used name for an application account for
users.
AQ is an account to manage Oracle Advanced Queuing a
messaging
AQDEMO is an account to demonstrate Oracle Advanced
Queuing
a
messaging
AQJAVA is an account of Oracle Advanced Queuing a
messaging
AQ is an account to use Oracle Advanced Queuing a
messaging
AR is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
ASF is a schema account from Oracle Applications. Default it has
ASG is a schema account from Oracle Applications. Default it has
ASL is a schema account from Oracle Applications. Default it has
ASO is a schema account from Oracle Applications. Default it has
Oracle Applications
AST is a schema account from Oracle Applications. Default it has
9iR2 default account
AUDIOUSER is the account to manage the Intermedia Audio
option.
AURORA$JIS$UTILITY$ is an internal account of Jserver. In 8i
changing the password will prevent ORB from working.
AURORA$JIS$UTILITY$ is an internal account of Jserver. In 8i
AURORA$ORB$UNAUTHENTICATED is an internal account of
Jserver. In 8i changing the password will prevent ORB from
AX is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
AZ is a schema account from Oracle Applications. Default it has
BC4J is the account to manage the Bussiness Components for
Java.
BEN is a schema account from Oracle Applications. Default it has
BIC is a schema account from Oracle Applications. Default it has
BIL is a schema account from Oracle Applications. Default it has
BIM is a schema account from Oracle Applications. Default it has
BIS is a schema account from Oracle Applications. Default it has
Oracle Applications
BIX is a schema account from Oracle Applications. Default it has
BLEWIS is a schema owner of Workflow Iasdb
BOM is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
SYSMAN is the management account for Oracle Enterprise
Mananger. It is used as access to all databases that are managed
SYSTEM is Oracles database management account. It allows to
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
9iR2 documenation
TRACESVR is required for Oracle trace (otrace) which is
generally not
you might want to lock it.
UDDISYS is an administrative account of Oracle9iAS Web
Services.
-
9iR2 documentation
VEA is a schema account from Oracle Applications. Default it has
VEH is a schema account from Oracle Applications. Default it has
WH is a schema account from Oracle Applications. Default it has
WIP is a schema account from Oracle Applications. Default it has
WIRELESS is an administrative account of Oracle 9iAS Wireless
WFADMIN is an administrative account of Oracle9iAS WorkFlow.
10g
WKPROXY is an administrative account of Oracle9iAS
Ultrasearch.
WKSYS is an administrative account of Oracle9iAS Ultrasearch.
WKSYS is an administrative account of Oracle9iAS Ultrasearch.
WKUSER is a user account of Oracle9iAS Ultrasearch.
10g
10g
WMS is a schema account from Oracle Applications. Default it
WPS is a schema account from Oracle Applications. Default it has
WSH is a schema account from Oracle Applications. Default it
WSM is a schema account from Oracle Applications. Default it
XDP is a schema account from Oracle Applications. Default it has
XLA is a schema account from Oracle Applications. Default it has
XNC is a schema account from Oracle Applications. Default it has
Oracle Applications
XNM is a schema account from Oracle Applications. Default it has
XNP is a schema account from Oracle Applications. Default it has
XNS is a schema account from Oracle Applications. Default it has
XTR is a schema account from Oracle Applications. Default it has
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
read
change and
destroy all
SYS is Oracles most powerful database management account. It
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
ORDPLUGINS is an administrative account for Oracle Time
Series.
The account ORDSYS (Oracle Time Series) has a limited number
of risky system privileges
amongst
which those
OSE$HTTP$ADMIN is an internal account of Jserver. In 8i
OSE$HTTP$ADMIN is an internal account of Jserver. In 8i
OSM is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
OSSAQ_HOST is an administrative account of Oracle9iAS
Syndication Server.
OSSAQ_PUB is a public account of Oracle9iAS Syndication
Server.
OSSAQ_SUB is an administrative account of Oracle9iAS
Syndication Server.
OTA is a schema account from Oracle Applications. Default it has
several ANY privs
amongst
which
Often neglected the OUTLN
account has
OWF_MGR is the schema owner of Oracle Workflow Manager.
OWF_MGR is the schema owner of Oracle Workflow Manager.
OZF is a schema account from Oracle Applications. Default it has
OZP is a schema account from Oracle Applications. Default it has
OZS is a schema account from Oracle Applications. Default it has
PA is a schema account from Oracle Applications. Default it has
Book
PERFSTAT is an account of Oracles statistics package
Statspack. PERFSTAT probably has permissions to see the data
PERFSTAT is an account of Oracles statistics package
Statspack. PERFSTAT probably has permissions to see the data
PJM is a schema account from Oracle Applications. Default it has
PMI is a schema account from Oracle Applications. Default it has
PN is a schema account from Oracle Applications. Default it has
PO is an possibly account with DBA privileges which allow
to read
database.
POA is a schema account from Oracle Applications. Default it has
POM is a schema account from Oracle Applications. Default it has
PORTAL30 is the schema owner of Oracle Portal.
PORTAL31 is the schema owner of Oracle Portal.
PORTAL30_ADMIN is the administration account of Oracle Portal.
PORTAL30_SSO is the schema owner of Oracle Portal Single-
Sign on
PORTAL30_SSO is the admin account of Oracle Portal Single-
Sign on
PORTAL30_SSO is the public account for Oracle Portal Single-
Sign on
Oracle Applications
PSA is a schema account from Oracle Applications. Default it has
PSB is a schema account from Oracle Applications. Default it has
PSP is a schema account from Oracle Applications. Default it has
PUBSUB is an account with DBA privileges which allow
to read
database.
PV is a schema account from Oracle Applications. Default it has
QA is a schema account from Oracle Applications. Default it has
QP is a schema account from Oracle Applications. Default it has
n/a
RG is a schema account from Oracle Applications. Default it has
RHX is a schema account from Oracle Applications. Default it has
RLA is a schema account from Oracle Applications. Default it has
RLM is a schema account from Oracle Applications. Default it has
RMAN is an account for the Oracle Recovery Manager. This
account might be misused to write unwanted changes to the
SAMPLE is possibly an account with DBA privileges which allow
to read
database.
SAPR3 is the administration account (and schema?) of SAP R/3
10g
SPIERSON is a schema owner of Workflow Iasdb
SSP is a schema account from Oracle Applications. Default it has
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
allows to read
change and
destroy all
SYSADMIN is the schema owner of Oracle Workflow Manager.
SYSADMIN is the schema owner of Oracle Workflow Manager.
SYSMAN is the management account for Oracle Enterprise
Mananger. It is used as access to all databases that are managed
Oracle HTTP Server listen port / Oracle HTTP Server port 80
Oracle Internet Directory(non-SSL) 389
Oracle HTTP Server SSL port 443
Oracle Internet Directory(SSL) 636
Oracle Net Listener / Enterprise Manager Repository port 1521
Oracle Net Listener 1526
Oracle Names 1575
Oracle Connection Manager (CMAN) 1630
Oracle JDBC for Rdb Thin Server 1701
Oracle Intelligent Agent 1748
Enterprise Manager Servlet port SSL 1810
Oracle Connection Manager Admin (CMAN) 1830
Enterprise ManagerAgent port 1831
Enterprise Manager RMI port 1850
Oracle XMLDB FTP Port 2100
Oracle GIOP IIOP 2481
Oracle GIOP IIOP for SSL 2482
Oracle OC4J RMI 3201

Oracle OC4J AJP 3301

Enterprise Manager Reporting port 3339
Oracle OC4J IIOP 3401

Oracle OC4J IIOPS1 3501

Oracle OC4J IIOPS2 3601

Oracle OC4J JMS 3701

Oracle9iAS Web Cache Admin port 4000
Oracle9iAS Web Cache Invalidation port 4001
Oracle9iAS Web Cache Statistics port 4002
Oracle Internet Directory(SSL) 4031
Oracle Internet Directory(non-SSL) 4032
OracleAS Certificate Authority (OCA) - Server Authentication 4400
OracleAS Certificate Authority (OCA) - Mutual Authentication 4401
Oracle HTTP Server SSL port 4443
Oracle9iAS Web Cache HTTP Listen(SSL) port 4444
Oracle TimesTen 4662
Oracle Enterprise Manager Web Console 5500
iSQLPlus 10g 5560
iSQLPlus 10g 5580
Oracle Notification Service request port 6003
Oracle Notification Service local port 6100
Oracle Notification Service remote port 6200
Oracle9iAS Clickstream Collector Agent 6668
Java Object Cache port 7000
DCM Java Object Cache port 7100
Oracle HTTP Server Diagnostic Port 7200
Oracle HTTP Server Port Tunneling 7501
Oracle HTTP Server listen port / Oracle HTTP Server port 7777
Oracle9iAS Web Cache HTTP Listen(non-SSL) port 7779
Oracle HTTP Server Jserv port 8007
Oracle XMLDB HTTP port 8080
OC4J Forms / Reports Instance 8888
OC4J Forms / Reports Instance 8889
Oracle Forms Server 6 / 6i 9000
Oracle SOAP Server 9998
OS Agent 14000
Oracle Times Ten 15000
Log Loader 44000
Oracle Application Server Edit httpd.conf and restart OHS
Oracle Application Server
Oracle Application Server / Oracle Database Edit listener.ora and restart listener
Oracle Database Edit listener.ora and restart listener
Oracle Database Edit names.ora and restart names server
Oracle Connection Manager Edit cman.ora and restart Connection Manager
Oracle Rdb
Oracle Application Server snmp_rw.ora
Oracle Enterprise Manager
Oracle Connection Manager (CMAN) Edit cman.ora and restart Connection Manager
Oracle Database change dbms_xdb.cfg_update
Oracle Database Edit listener.ora/init.ora and restart listener/database
Oracle Database Edit listener.ora/init.ora and restart listener/database
Oracle Application Server Edit oem_webstage/oem.conf and restart OHS
Oracle Application Server Webcache Admin GUI or webcache.xml
Oracle TimesTen
Oracle TimesTen
Oracle TimesTen
Oracle TimesTen
Oracle TimesTen
Oracle TimesTen
Oracle TimesTen
Oracle Enterprise Manager Web
Oracle i*SQLPlus
Oracle i*SQLPlus RMI Port
Oracle Database change dbms_xdb.cfg_update
Oracle Developer Suite
Oracle Developer Suite
Oracle Times Ten
Oracle Times Ten
Oracle Times Ten
schema package
Alert 68 Jan05 Apr05 July05 Oct05 Jan06 Apr06
CTXSYS CATSEARCH
fixed
CTXSYS CTX_DOC
fixed
CTXSYS CTX_QUERY
fixed
CTXSYS DRIDDLR
fixed
CTXSYS DRILOAD
fixed
CTXSYS DRI_MOVE_CTXSYS
fixed
CTXSYS DRVDML
fixed
CTXSYS DRVXMD
fixed
EXFSYS DBMS_EXPFIL
fixed
MDSYS MD2
fixed
MDSYS PRVT_IDX
fixed
MDSYS PRVT_SAM
fixed
MDSYS RTREE_IDX
fixed
MDSYS SDO_CATALOG
fixed
MDSYS SDO_GEOR_INT
fixed
MDSYS SDO_GEOR_UTL
fixed
MDSYS SDO_GEOM_TRIG_INS1
fixed
MDSYS SDO_LRS_TRIG_INS
fixed
MDSYS SDO_PRIDX
fixed
MDSYS SDO_SAM
fixed
MDSYS SDO_TUNE
fixed
MDSYS SDO_UTIL
fixed
OLAPSYS CWM2_OLAP_AW_AWUTIL
fixed
ORDSYS ORDIMAGE
fixed
ORDSYS ORDIMGIDXMETHODS
SYS AQ_INV
fixed
SYS DBMS_APPLY_PROCESS
fixed
SYS DBMS_APPLY_ADM_INTERNAL
fixed
SYS DBMS_AQADM_SYS
fixed
SYS DBMS_CDC_DPUTIL
fixed
SYS DBMS_CDC_IMPDP
fixed
SYS DBMS_CDC_ISUBSCRIBE
fixed
SYS DBMS_CDC_SUBSCRIBE
fixed
SYS DBMS_CDC_UTILITY
fixed
SYS DBMS_DATAPUMP
fixed
SYS DBMS_DDL
SYS DBMS_DEFER_REPCAT
fixed
SYS DBMS_EXPORT_EXTENSION
fixed
SYS DBMS_FGA
fixed
SYS DBMS_INTERNAL_REPCAT
fixed
SYS DBMS_METADATA
fixed
SYS DBMS_LOGMNR_SESSION
fixed
SYS DBMS_REPCAT
fixed
SYS DBMS_REPCAT_ADMIN
SYS DBMS_REPUTIL
fixed
SYS DBMS_SNAPSHOT_UTL
fixed
SYS DBMS_STATS
SYS DBMS_SYSTEM
fixed
SYS DBMS_XRWMV
SYS DBUPGRADE
SYS KUPF$FILE
fixed
SYS KUPW$WORKER
SYS LTUTIL
fixed
SYS OUTLN_PKG
fixed
SYS OWA_OPT_LOCK
fixed
WKSYS WK_ACL
fixed
WKSYS WK_ADM
fixed
XDB DBMS_XDB
fixed
XDB DBMS_XDBZ0
fixed
XDB
DBMS_XMLSCHEMA fixed
XDB
DBMS_XMLSCHEMA_INT fixed
schema package
Alert 68 Jan05 Apr05 July05 Oct05 Jan06 Apr06
Jul06 now
fixed
fixed
fixed
fixed
fixed
fixed
fixed
Jul06 now

SCORE Oracle v3.1

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

SCORE Oracle v3.1

Caricato da

Copyright:

Formati disponibili

index Name of precautionary measure

1.00.00 Host Operating System security Issues

Potrebbero piacerti anche