init.ora – ‘log_archive_dest_n parameter settings’
Details File permissions must be restricted to the owner of the Oracle software and the dba group. For complex configurations...
- Home
- Security Hardening
- CIS V1.1.0 Oracle 11G OS Windows L1
CIS V1.1.0 Oracle 11G OS Windows L1
init.ora – ‘remote_listener = NULL String’
Details Prevent the use of a listener on a remote machine separate from the database instance. Level 1, Scorable Supportive...init.ora – ‘remote_os_authent = FALSE’
Details This setting has been deprecated, however is maintained for backwards compatibility. If this setting is used it is recommended...init.ora – ‘remote_os_roles = FALSE’
Details Connection spoofing must be prevented. Level 1, Scorable Supportive Information The following resource is also helpful. https://workbench.cisecurity.org/files/580 This security...init.ora – ‘Verify and restrict permissions’
Details File permissions must be restricted to the owner of the Oracle software and the dba group. If unprivileged users...init.ora – ‘Verify permissions of file referenced by ifile parameter’
Details File permissions must be restricted to the owner of the Oracle software and the dba group. If the ifile...init.ora – ‘_trace_file_public = FALSE’
Details Prevents users from having the ability to read trace files which may contain sensitive information about the running Oracle...Installation – ‘Try to ensure that no other users are connected while installing Oracle 11g’
Details The Oracle 11g installer application could potentially create files, accounts, or setting with public privileges. An attacker may leverage...listener.ora – ‘Change default name of listener’
Details The listener must not be called by the default name as it is commonly known. A distinct name must...listener.ora – ‘log_file_listener parameter settings’
Details The log_file_listener file must be set to a valid directory owned by the Oracle account and permissions restricted to...