oracle voyage worm
I wrote a mini script to protect my customer from being attacked by an "oracle voyage worm" variant :
Than, in OEM 10g, check for policy violations.
I added a few grants to special oracle internal users, to avoid invalid objects, which is also a policy violation in OEM... OEM will report a violation if those accounts are not locked and expired
revoke CREATE DATABASE LINK from CONNECT;
revoke ALL on SYS.UTL_FILE from PUBLIC;
revoke ALL on SYS.UTL_HTTP from PUBLIC;
revoke ALL on SYS.UTL_SMTP from PUBLIC;
revoke ALL on SYS.UTL_TCP from PUBLIC;
grant EXECUTE on SYS.UTL_FILE to XDB;
grant EXECUTE on SYS.UTL_HTTP to MDSYS;
grant EXECUTE on SYS.UTL_HTTP to ORDPLUGINS;
@?/rdbms/admin/utlrp
Than, in OEM 10g, check for policy violations.
I added a few grants to special oracle internal users, to avoid invalid objects, which is also a policy violation in OEM... OEM will report a violation if those accounts are not locked and expired
Posted by Laurent Schneider at 11/21/2005 01:57:00 PM
Permalink : oracle voyage worm
Post to :
del.icio.us -
furl -
digg -
reddit -
co.mments
0 Comments:
Post a Comment
<< Home