listener.ora – ‘trace_directory_listener_name parameter settings’
Details The trace_directory_listener_name must be set to a valid directory owned by the Oracle account and permissions restricted to read/write...
- Home
- Security Hardening
- CIS V1.1.0 Oracle 11G OS Windows L1
CIS V1.1.0 Oracle 11G OS Windows L1
listener.ora – ‘trace_file_listener_name parameter settings’
Details This file must be owned by the Oracle account and permissions restricted to read/write only for the owner and...listener.ora – ‘Verify and set permissions’
Details File permissions must be restricted to the owner of the Oracle software and the dba group. If backup copies...Listener password – ‘Use OS Authentication’
Details It is more secure to use OS authentication, as setting a password on the listener will enable remote administration...Minimal Install – ‘Ensure that only the Oracle components necessary to your environment are selected for installation’
Details Installing components that are not used increases the attack surface of the database server. Level 1, Not Scorable NOTE:...otrace – ‘Disable’ – no .dat files
Details otrace can leak sensitive information userful for an attacker. Level 1, Scorable NOTE: Nessus only determined if the otrace...otrace – ‘Disable’ – no directory
Details otrace can leak sensitive information userful for an attacker. Level 1, Scorable NOTE: Nessus only determined if the otrace...Service or SID name – ‘Non-default’
Details Do not use the default SID or service name of ORACL. It is commonly known and used in many...spfile.ora – ‘Verify and restrict permissions’
Details File permissions must be restricted to the owner of the Oracle software and the dba group. If unprivileged users...sqlnet.ora – ‘log_directory_client parameter settings’
Details The log_directory_client must be set to a valid directory owned by the Oracle account and permissions restricted to read/write...