Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle password crackers"] [Next entry: "UKOUG starts tomorrow"]

10gR2 and failed_login_attempts



There was a nice post on the pythian group today about the fact that Oracle since 10.2.0.2 has set a value for the failed_login_attempts parameter of the DEFAULT profile. This caused an issue for Alex Gorbachev. Its an interesting conflict between adding security to Oracle and causing problems with existing systems and migrations. Also note my comments on defining specific values for profiles for different groups of users. The post is titled http://www.pythian.com/blogs/284/oracle-102-migrations-%e2%80%93-account-lockedtimed-and-failed_login_attempts - (broken link) Oracle 10.2 Migrations – Account LOCKED(TIMED) and FAILED_LOGIN_ATTEMPTS