大橙子网站建设,新征程启航
为企业提供网站建设、域名注册、服务器等服务
oracle安全性的参数是什么,很多新手对此不是很清楚,为了帮助大家解决这个难题,下面小编将为大家详细讲解,有这方面需求的人可以来学习下,希望你能有所收获。
为桑植等地区用户提供了全套网页设计制作服务,及桑植网站建设行业解决方案。主营业务为网站设计、做网站、桑植网站设计,以传统方式定制建设网站,并提供域名空间备案等一条龙服务,秉承以专业、用心的态度为用户提供真诚的服务。我们深信只要达到每一位用户的要求,就会得到认可,从而选择与我们长期合作。这样,我们也可以走得更远!Oracle Database11g 增加了一组新参数以加强数据库的默认安全性。这些参数是系统范围的静态参数。
(1)使用区分大小写的口令以加强安全性
新参数SEC_CASE_SENSITIVE_LOGON使您可以设置区分大小写的用户口令。Oracle 建议保留默认设置TRUE。将此参数设置为FALSE 可指定不区分大小写的口令以实现向后兼容性。
ALTER SYSTEM SETSEC_CASE_SENSITIVE_LOGON = FALSE
注:禁用区分大小写会使口令在强力攻击面前变得更脆弱。
(2)防止拒绝服务(DoS) 攻击
SEC_PROTOCOL_ERROR_FURTHER_ACTION参数:指定了要对客户机连接执行的操作:继续、断开连接或延迟接受请求。
SEC_PROTOCOL_ERROR_TRACE_ACTION参数:指定了监视操作:NONE、TRACE、LOG 或ALERT。
(3)防止强力攻击
新的初始化参数SEC_MAX_FAILED_LOGIN_ATTEMPTS的默认设置为10,表示在连接尝试达到指定次数后会自动断开连接。即使未启用口令概要文件,也会强制实施此参数。
此参数可以防止程序连接到数据库,然后成百上千次地尝试口令以通过验证。
SEC_PROTOCOL_ERROR_FURTHER_ACTION
SEC_PROTOCOL_ERROR_FURTHER_ACTION specifies the further execution of a server
process when receiving bad packets from a possibly malicious client.
Values:
■ CONTINUE
The server process continues execution. The database server may be subject to a
Denial of Service (DoS) if bad packets cont inue to be sent by a malicious client.
■ (DELAY,integer)
The client experiences a delay of integer seconds before the server process accepts
the next request from the same client co nnection. Malicious cl ients are prevented
from excessive consumption of server resources while legitimate clients experience
a degradation in performance but can continue to function.
■ (DROP, integer)
The server forcefully terminates the client connection after integer cumulative bad
packets. The server protects itself at the ex pense of the client (for example, a client
transaction may be lost). The client may reconnect and attempt the same
operation.
Property Description
Parameter type Integer
Default value 10
Modifiable No
Range of values 1 to unlimited
Basic No
Property Description
Parameter type String
Syntax SEC_PROTOCOL_ERROR_FURTHER_ACTION = { CONTINUE |
(DELAY,integer) | (DROP, integer) }
Default value CONTINUE
Modifiable ALTER SESSION , ALTER SYSTEM
Basic No
SEC_PROTOCOL_ERROR_TRACE_ACTION
1-154 Oracle Database Reference
SEC_PROTOCOL_ERROR_TRACE_ACTION
SEC_PROTOCOL_ERROR_TRACE_ACTION specifies the action th at the database should
take when bad packets are received from a possibly malicious client.
Values:
■ NONE
The database server ignores the bad packets and does not generate any trace files
or log messages.
■ TRACE
A detailed trace file is generated when bad packets are received, which can be
used to debug any problems in client/server communication.
■ LOG
A minimal log message is printed in the alert logfile and in the server trace file. A
minimal amount of disk space is used.
■ ALERT
An alert message is sent to a DBA or monitoring console.
看完上述内容是否对您有帮助呢?如果还想对相关知识有进一步的了解或阅读更多相关文章,请关注创新互联-成都网站建设公司行业资讯频道,感谢您对创新互联的支持。