Advanced Defense and Forensic Response - Protecting Oracle Database 12c

Database Reference

In-Depth Information

================================================================================

Package Arch Version Repository Size

================================================================================

Installing:

tripwire x86_64 2.4.1.2-11.el6 /tripwire-2.4.1.2-11.el6.x86_64 3.7 M

Transaction Summary

================================================================================

Install 1 Package(s)

Total size: 3.7 M

Installed size: 3.7 M

Is this ok [y/N]: y

Downloading Packages:

Running rpm_check_debug

Running Transaction Test

Transaction Test Succeeded

Running Transaction

Installing : tripwire-2.4.1.2-11.el6.x86_64 1/1

Installed:

tripwire.x86_64 0:2.4.1.2-11.el6

Complete!

Next, set up the site and local keyfiles, which require a key phrase to represent the security secret upon which the

Tripwire configuration is based. The two passphrases must be different from each other, as shown:

root@orlin $ tripwire-setup-keyfiles

----------------------------------------------

The Tripwire site and local passphrases are used to sign a variety of

files, such as the configuration, policy, and database files....

Then initialize Tripwire as follows:

root@orlin $ tripwire --init

Please enter your local passphrase:

Parsing policy file: /etc/tripwire/tw.pol

Generating the database...

*** Processing Unix File System ***

### Warning: File system error.

### Filename: /dev/kmem

### No such file or directory

...........................

### Filename: /root/oracle/beta_121/software/emdb12_linux64_disk3.zip

### Success

### Exiting...

We ignore the errors regarding missing directories. Tripwire is checking comprehensively for all possible

directories, so the error reporting here is verbose and not actually an error.

Then it is a case of initializing the database and writing the policy, which will include the non-Oracle OS files

to be integrity-checked. I followed the instructions at http://www.linuxjournal.com/article/8758 . The Center

of Internet Security also produces a Tripwire policy to cover the different Unices as well as Oracle Database. It is

available at http://www.cisecurity.org

Protecting Oracle Database 12c

Search WWH ::

Custom Search

Home