In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-04 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/01 Report--
What are the parameters of oracle security, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.
Oracle Database11g adds a new set of parameters to strengthen the default security of the database. These parameters are system-wide static parameters.
(1) use case-sensitive passwords to enhance security
The new parameter SEC_CASE_SENSITIVE_LOGON allows you to set case-sensitive user passwords. Oracle recommends that you keep the default setting of TRUE. Set this parameter to FALSE to specify a case-insensitive password for backward compatibility.
ALTER SYSTEM SETSEC_CASE_SENSITIVE_LOGON = FALSE
Note: disabling case sensitivity makes passwords more vulnerable to brute force attacks.
(2) prevent denial of service (DoS) attacks
The SEC_PROTOCOL_ERROR_FURTHER_ACTION parameter: specifies the action to be performed on the client connection: continue, disconnect, or delay accepting the request.
SEC_PROTOCOL_ERROR_TRACE_ACTION parameter: a monitoring operation is specified: NONE, TRACE, LOG, or ALERT.
(3) prevent brute force attacks
The default setting of the new initialization parameter SEC_MAX_FAILED_LOGIN_ATTEMPTS is 10, which means that the connection is automatically disconnected after the specified number of connection attempts are reached. This parameter is enforced even if the password profile is not enabled.
This parameter prevents the program from connecting to the database and then trying the password hundreds of times to pass authentication.
SEC_PROTOCOL_ERROR_FURTHER_ACTION
SEC_PROTOCOL_ERROR_FURTHER_ACTION specifies the further execution of a server
Process when receiving bad packets from a possibly malicious client.
Values:
■ CONTINUE
The server process continues execution. The database server may be subject to a
Denial of Service (DoS) if bad packets cont inue to be sent by a malicious client.
■ (DELAY,integer)
The client experiences a delay of integer seconds before the server process accepts
The next request from the same client co nnection. Malicious cl ients are prevented
From excessive consumption of server resources while legitimate clients experience
A degradation in performance but can continue to function.
■ (DROP, integer)
The server forcefully terminates the client connection after integer cumulative bad
Packets. The server protects itself at the ex pense of the client (for example, a client
Transaction may be lost). The client may reconnect and attempt the same
Operation.
Property Description
Parameter type Integer
Default value 10
Modifiable No
Range of values 1 to unlimited
Basic No
Property Description
Parameter type String
Syntax SEC_PROTOCOL_ERROR_FURTHER_ACTION = {CONTINUE |
(DELAY,integer) | (DROP, integer)}
Default value CONTINUE
Modifiable ALTER SESSION, ALTER SYSTEM
Basic No
SEC_PROTOCOL_ERROR_TRACE_ACTION
1-154 Oracle Database Reference
SEC_PROTOCOL_ERROR_TRACE_ACTION
SEC_PROTOCOL_ERROR_TRACE_ACTION specifies the action th at the database should
Take when bad packets are received from a possibly malicious client.
Values:
■ NONE
The database server ignores the bad packets and does not generate any trace files
Or log messages.
■ TRACE
A detailed trace file is generated when bad packets are received, which can be
Used to debug any problems in client/server communication.
■ LOG
A minimal log message is printed in the alert logfile and in the server trace file. A
Minimal amount of disk space is used.
■ ALERT
An alert message is sent to a DBA or monitoring console.
Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.