Database Reference
In-Depth Information
It would be remiss not to do a default and weak password check on the repository DB as follows using a free tool
from http://www.red-database-security.com/software/checkpwd.html .
C:\checkpwd121>checkpwd dbsnmp/*****@//192.168.1.100:1521/ORCL password_file.txt
Checkpwd 1.21 - (c) 2006 by Red-Database-Security GmbH
Oracle Security Consulting, Security Audits & Security Trainings
http://www.red-database-security.com
initializing Oracle client library
connecting to the database
retrieving users and password hash values
disconnecting from the database
opening weak password list file
reading weak passwords list
checking passwords
Starting 1 threads
MGMT_VIEW OK [OPEN]
SYS OK [OPEN]
SYSTEM has weak password ORANGE [OPEN]
DBSNMP has weak password DBSNMP [OPEN]
OLAPSYS has weak password OLAPSYS [OPEN]
SCOTT has weak password TIGER [OPEN]
PROGUID1 has weak password PASSWORD [OPEN]
USEREXAMPLE has weak password USEREXAMPLE [OPEN]
OUTLN has weak password OUTLN [EXPIRED & LOCKED]
MDSYS has weak password MDSYS [EXPIRED & LOCKED]
ORDSYS has weak password ORDSYS [EXPIRED & LOCKED]
EXFSYS has weak password EXFSYS [EXPIRED & LOCKED]
DMSYS has weak password DMSYS [EXPIRED & LOCKED]
WMSYS has weak password WMSYS [EXPIRED & LOCKED]
CTXSYS has weak password CHANGE_ON_INSTALL [EXPIRED & LOCKED]
.................................................
The following output shows that a number of the accounts have weak passwords, which should be made
more complex:
Done. Summary:
Passwords checked : 4639637
Weak passwords found : 26
Elapsed time (min:sec) : 0:36
Passwords / second : 128879
PUBLIC for EM reports
Another long-standing issue for Enterprise Manager has been the use of PUBLIC accounts and permissions, which do
not require a password cracker in order to be abused. For instance, when a report is created in EM, an administrator
has the option to publish the report publicly so that any unauthenticated user can read the report remotely. This is a
handy timesaving feature, but can lead to accidents. If an attacker were to scan an internal subnet for the URLs of this
syntax then they would likely find lots of EM reports, some of which may have been coded insecurely:
http://mgmthost.oraclesecurity.com:7777/em/public/reports
 
Previous Page
Next Page
Protecting Oracle Database 12c
Search WWH ::




Custom Search
Home