oracle数据库的安全性
系统安全日志文件的目录在/var/log 下,主要检查登录失败或成功的用户日志信息。
检查登录成功的日志
Last login: Thu Jan 12 16:08:37 2017 from 192.168.8.17
[root@TEST ~]# grep -i accepted /var/log/secure
Jan 9 17:52:56 test sshd[27553]: Accepted password for root from 192.168.8.17 port 49715 ssh2
Jan 9 18:13:13 test sshd[27747]: Accepted password for root from 192.168.8.17 port 50280 ssh2
Jan 9 22:42:52 test sshd[29052]: Accepted password for root from 192.168.9.252 port 34377 ssh2
Jan 9 22:43:27 test sshd[29069]: Accepted password for root from 192.168.8.17 port 55816 ssh2
Jan 9 22:56:38 test sshd[29206]: Accepted password for root from 192.168.8.17 port 56057 ssh2
Jan 9 22:57:09 test sshd[29235]: Accepted password for oracle from 192.168.8.17 port 56070 ssh2
Jan 9 23:25:46 test sshd[29388]: Accepted password for oracle from 192.168.8.17 port 57027 ssh2
Jan 9 16:49:12 test sshd[29730]: Accepted password for root from 192.168.8.17 port 59144 ssh2
Jan 9 17:01:30 test sshd[29824]: Accepted password for root from 192.168.8.17 port 59605 ssh2
Jan 10 09:12:59 test sshd[446]: Accepted password for root from 192.168.8.17 port 49465 ssh2
Jan 10 15:06:38 test sshd[1543]: Accepted password for root from 192.168.8.17 port 63341 ssh2
Jan 10 15:22:49 test sshd[1649]: Accepted password for root from 192.168.8.17 port 64060 ssh2
Jan 10 15:23:55 test sshd[1680]: Accepted password for root from 192.168.8.17 port 64067 ssh2
Jan 10 15:25:04 test sshd[1708]: Accepted password for root from 192.168.8.17 port 64073 ssh2
Jan 10 17:24:59 test sshd[2306]: Accepted password for oracle from 192.168.9.252 port 33326 ssh2
Jan 10 17:27:28 test sshd[2334]: Accepted password for oracle from 192.168.9.252 port 33419 ssh2
Jan 10 17:29:03 test sshd[2356]: Accepted password for root from 192.168.9.252 port 33478 ssh2
Jan 10 17:31:17 test sshd[2379]: Accepted password for root from 192.168.9.252 port 33551 ssh2
Jan 10 17:50:02 test sshd[2442]: Accepted password for root from 192.168.8.17 port 52820 ssh2
Jan 11 09:35:50 test sshd[6586]: Accepted password for root from 192.168.8.17 port 50694 ssh2
Jan 11 17:06:04 test sshd[8012]: Accepted password for root from 192.168.8.17 port 58947 ssh2
Jan 12 16:08:36 test sshd[13037]: Accepted password for root from 192.168.8.17 port 54229 ssh2
Jan 13 09:26:06 test sshd[19899]: Accepted password for root from 192.168.8.17 port 50475 ssh2
检查登录失败的日志
[root@TEST ~]# grep -i failed /var/log/secure
Jan 9 22:42:44 test sshd[29052] : Failed password for root from 192.168.9.252 port 34377 ssh2
Jan 10 17:24:57 test sshd[2306]: Failed password for oracle from 192.168.9.252 port 33326 ssh2
Jan 10 17:31:13 test sshd[2379]: Failed password for root from 192.168.9.252 port 33551 ssh2
[root@TEST ~]# grep -i invalied /var/log/secure
登录失败日志中 有failed invalied 说明登录失败 被拒绝 应该做出系统警告通知。
2.检查用户修改密码
在数据库系统上往往存在很多的用户,如第三方数据库监控系统,初始安装数据库时的演示用户,管路员用户等等,这
些用户的密码往往是提前写好的,会被很多人知道,会被别有用心的人利用来攻击系统甚至进行修改数据。需要修改密
码的用户有:
数据库管理员用户 sys system
其他用户
登录系统后,提示符下输入 cat /etc/passwd 在列出的用户中查看是否存在已经不用和陌生的账号。
若存在,则记录为异常。
修改密码方法:
[root@TEST ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
SQL> alter user user_name identified by password;
alter user user_name identified by password
*
ERROR at line 1:
ORA-01918: user 'USER_NAME' does not exist
- 检查系统安全信息
- 定期修改密码
系统安全日志文件的目录在/var/log 下,主要检查登录失败或成功的用户日志信息。
检查登录成功的日志
Last login: Thu Jan 12 16:08:37 2017 from 192.168.8.17
[root@TEST ~]# grep -i accepted /var/log/secure
Jan 9 17:52:56 test sshd[27553]: Accepted password for root from 192.168.8.17 port 49715 ssh2
Jan 9 18:13:13 test sshd[27747]: Accepted password for root from 192.168.8.17 port 50280 ssh2
Jan 9 22:42:52 test sshd[29052]: Accepted password for root from 192.168.9.252 port 34377 ssh2
Jan 9 22:43:27 test sshd[29069]: Accepted password for root from 192.168.8.17 port 55816 ssh2
Jan 9 22:56:38 test sshd[29206]: Accepted password for root from 192.168.8.17 port 56057 ssh2
Jan 9 22:57:09 test sshd[29235]: Accepted password for oracle from 192.168.8.17 port 56070 ssh2
Jan 9 23:25:46 test sshd[29388]: Accepted password for oracle from 192.168.8.17 port 57027 ssh2
Jan 9 16:49:12 test sshd[29730]: Accepted password for root from 192.168.8.17 port 59144 ssh2
Jan 9 17:01:30 test sshd[29824]: Accepted password for root from 192.168.8.17 port 59605 ssh2
Jan 10 09:12:59 test sshd[446]: Accepted password for root from 192.168.8.17 port 49465 ssh2
Jan 10 15:06:38 test sshd[1543]: Accepted password for root from 192.168.8.17 port 63341 ssh2
Jan 10 15:22:49 test sshd[1649]: Accepted password for root from 192.168.8.17 port 64060 ssh2
Jan 10 15:23:55 test sshd[1680]: Accepted password for root from 192.168.8.17 port 64067 ssh2
Jan 10 15:25:04 test sshd[1708]: Accepted password for root from 192.168.8.17 port 64073 ssh2
Jan 10 17:24:59 test sshd[2306]: Accepted password for oracle from 192.168.9.252 port 33326 ssh2
Jan 10 17:27:28 test sshd[2334]: Accepted password for oracle from 192.168.9.252 port 33419 ssh2
Jan 10 17:29:03 test sshd[2356]: Accepted password for root from 192.168.9.252 port 33478 ssh2
Jan 10 17:31:17 test sshd[2379]: Accepted password for root from 192.168.9.252 port 33551 ssh2
Jan 10 17:50:02 test sshd[2442]: Accepted password for root from 192.168.8.17 port 52820 ssh2
Jan 11 09:35:50 test sshd[6586]: Accepted password for root from 192.168.8.17 port 50694 ssh2
Jan 11 17:06:04 test sshd[8012]: Accepted password for root from 192.168.8.17 port 58947 ssh2
Jan 12 16:08:36 test sshd[13037]: Accepted password for root from 192.168.8.17 port 54229 ssh2
Jan 13 09:26:06 test sshd[19899]: Accepted password for root from 192.168.8.17 port 50475 ssh2
检查登录失败的日志
[root@TEST ~]# grep -i failed /var/log/secure
Jan 9 22:42:44 test sshd[29052] : Failed password for root from 192.168.9.252 port 34377 ssh2
Jan 10 17:24:57 test sshd[2306]: Failed password for oracle from 192.168.9.252 port 33326 ssh2
Jan 10 17:31:13 test sshd[2379]: Failed password for root from 192.168.9.252 port 33551 ssh2
[root@TEST ~]# grep -i invalied /var/log/secure
登录失败日志中 有failed invalied 说明登录失败 被拒绝 应该做出系统警告通知。
2.检查用户修改密码
在数据库系统上往往存在很多的用户,如第三方数据库监控系统,初始安装数据库时的演示用户,管路员用户等等,这
些用户的密码往往是提前写好的,会被很多人知道,会被别有用心的人利用来攻击系统甚至进行修改数据。需要修改密
码的用户有:
数据库管理员用户 sys system
其他用户
登录系统后,提示符下输入 cat /etc/passwd 在列出的用户中查看是否存在已经不用和陌生的账号。
若存在,则记录为异常。
修改密码方法:
[root@TEST ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
SQL> alter user user_name identified by password;
alter user user_name identified by password
*
ERROR at line 1:
ORA-01918: user 'USER_NAME' does not exist
来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/31419698/viewspace-2132376/,如需转载,请注明出处,否则将追究法律责任。
转载于:http://blog.itpub.net/31419698/viewspace-2132376/
650
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
