|
||
|
Title: Oracle file integrity checking on binaries Post by Pete Finnigan on Mar 16th, 2007, 2:08pm Hello, I've been asked to compile a list of Oracle files to be targeted for file integrity checking on a Unix server. My initial thought was to target the ORACLE_HOME of each database running on the database server. Oracle Support couldn't provide any information or publications that address the issue of file integrity checks when I submitted an SR, and agreed with my original idea to target the entire ORACLE_HOME of each database. Our security group has informed me that the number of Oracle files to be checked according to my suggestion is not acceptable and said that I should provide a list of 10 files. Basically we need to define a list of Oracle files that if changed would compromise the security of the Oracle database. Off the top of my head, I'd say that any configuration files (listener.ora, sqlnet.ora, spfileSID.ora, etc.) should be included. What other files should we be looking at? Thanks in advance for all input! Regards, Craig |
||
|
Title: Re: Oracle file integrity checking on binaries Post by Pete Finnigan on Mar 19th, 2007, 12:48am You could fill up more than 10 entries with the bin executables alone. But if you are more interested in files that can be easily edited, then include $ORACLE_HOME/sqlplus/admin/glogin.sql and think about the login files (.profile/.rhosts) of OS users with dba access. |
||
|
Powered by YaBB 1 Gold - SP 1.4! Forum software copyright © 2000-2004 Yet another Bulletin Board |