From 11G R1 onwards, passwords can be case sensitive (this is the default).
If you migrate from a previous release to 11G, the passwords of users that already existed in the older version are not case sensitive until the password is changed.
SQL> show parameter sec_case_sensitive_logon
NAME                                 TYPE        VALUE
sec_case_sensitive_logon             boolean     TRUE
The number of connection attempts can be limited with an instance initialization parameter: after n failed attempts the connection is dropped.
SQL> show parameter sec_max_failed_login_attempts
NAME                                 TYPE        VALUE
sec_max_failed_login_attempts        integer     10
What should be done when there are possible malicious connection attempts (bad packets)?
SQL> show parameter sec_protocol_error_trace_action
NAME                                 TYPE        VALUE
sec_protocol_error_trace_action      string      TRACE
What should the server process do when bad packets are received from the client?
Possible values are CONTINUE, DELAY (delay n seconds before the next requests are allowed) and DROP (drop the connection after n bad packets).
SQL> show parameter sec_protocol_error_further_action
NAME                                 TYPE        VALUE
sec_protocol_error_further_action    string      CONTINUE
Should the exact database version be returned to clients that connect?
SQL> show parameter sec_return_server_release_banner
NAME                                 TYPE        VALUE
sec_return_server_release_banner     boolean     FALSE
The DBA can also compile the function verify_function_11G to enforce password complexity:
PLATINUM_SYS > start ?/rdbms/admin/utlpwdmg.sql;
Function created.
Profile altered. >>>> default profile is altered
Function created.
PLATINUM_SYS > desc verify_function_11G;
FUNCTION verify_function_11G RETURNS BOOLEAN
Argument Name                  Type                    In/Out Default?
------------------------------ ----------------------- ------ --------
USERNAME                       VARCHAR2                IN
PASSWORD                       VARCHAR2                IN
OLD_PASSWORD                   VARCHAR2                IN
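Setting password_verify_function back to NULL removes the complexity check from the default profile again:
PLATINUM_SYS > alter profile default LIMIT password_verify_function NULL;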
Profile altered.
By default some privileges are audited and the audit trail is in the database:
16:47:33 SILVER > show parameter audit
NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest                      string      /u01/app/oracle/admin/SILVER/adump
audit_sys_operations                 boolean     FALSE
audit_syslog_level                   string
audit_trail                          string      DB
16:47:57 SILVER> select privilege from DBA_PRIV_AUDIT_OPTS order by 1;
PRIVILEGE
----------------------------------------
ALTER ANY PROCEDURE
ALTER ANY TABLE
ALTER DATABASE
ALTER PROFILE
ALTER SYSTEM
ALTER USER
AUDIT SYSTEM
CREATE ANY JOB
CREATE ANY LIBRARY
CREATE ANY PROCEDURE
CREATE ANY TABLE
CREATE EXTERNAL JOB
CREATE PUBLIC DATABASE LINK
CREATE SESSION
CREATE USER
DROP ANY PROCEDURE
DROP ANY TABLE
DROP PROFILE
DROP USER
EXEMPT ACCESS POLICY
GRANT ANY OBJECT PRIVILEGE
GRANT ANY PRIVILEGE
GRANT ANY ROLE
23 rows selected.
16:48:02 SILVER > select count(*) from DBA_OBJ_AUDIT_OPTS;
COUNT(*)
----------------
0
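The read-only SQL*Plus script below is an added example, not part of the original notes. It assumes an 11G database and a session that can select from V$PARAMETER, DBA_USERS and DBA_PROFILES, and it reviews the settings covered above together with the migrated accounts whose passwords are still case insensitive.

```sql
-- Added example (not from the original notes). Read-only review of the
-- 11G security settings discussed above.
-- Assumption: the session can query V$PARAMETER, DBA_USERS and DBA_PROFILES.

-- 1. Current values of the parameters shown on this page.
--    ISDEFAULT = TRUE means the value was never set explicitly.
SELECT name, value, isdefault
FROM   v$parameter
WHERE  name IN ('sec_case_sensitive_logon',
                'sec_max_failed_login_attempts',
                'sec_protocol_error_trace_action',
                'sec_protocol_error_further_action',
                'sec_return_server_release_banner',
                'audit_trail',
                'audit_sys_operations')
ORDER  BY name;

-- 2. Accounts carried over from an older release whose password has not
--    been changed since the migration: they hold only the 10G verifier,
--    so their password is still case insensitive even when
--    sec_case_sensitive_logon is TRUE.
SELECT username, account_status, profile, password_versions
FROM   dba_users
WHERE  TRIM(password_versions) = '10G'
ORDER  BY username;

-- 3. Password verify function per profile. A LIMIT of NULL means no
--    complexity check (the state left by the ALTER PROFILE ... NULL above);
--    DEFAULT means the value is inherited from the DEFAULT profile.
SELECT profile, limit AS verify_function
FROM   dba_profiles
WHERE  resource_name = 'PASSWORD_VERIFY_FUNCTION'
ORDER  BY profile;

-- 4. Open accounts whose profile enforces no verify function of its own.
SELECT u.username, u.profile, p.limit AS verify_function
FROM   dba_users u
JOIN   dba_profiles p
       ON  p.profile = u.profile
       AND p.resource_name = 'PASSWORD_VERIFY_FUNCTION'
WHERE  u.account_status = 'OPEN'
AND    p.limit IN ('NULL', 'DEFAULT')
ORDER  BY u.username;
```

Accounts returned by query 2 become case sensitive once their password is changed, at which point PASSWORD_VERSIONS also lists 11G.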