An easily overlooked Oracle Security Issue

Database security has always been one of the focuses of attention. We know that if a database of an enterprise or institution is attacked by hackers, these databases store very important data, databases such as banks and communications have disastrous consequences. Oracle databases use multiple methods to ensure database security, such as passwords, roles, and permissions.

As Oracle Database Administrators know, after a typical database system is installed, the system, system, and internal users generally have the default password. After the database is successfully installed, the first task of the system administrator is to modify the passwords of these users to ensure database security. However, many administrators often ignore one of the security issues, which we will discuss in detail below.

After the Oracle database system is installed in a typical mode, in addition to creating several outdoor applications described earlier, a user called Dbsnmp is automatically created, this user is responsible for running the intelligent proxy (Intelligent Agent) of the Oracle system. The default password of this user is "Dbsnmp ". If you forget to modify the password of this user, anyone can access the database system through this user. Now let's take a look at the permissions and roles that the user has, and analyze the potential losses that the user may cause to the database system.

Start the SQL/plus program and use this user to log on:

.
SQL> select * From session_privs;
Create session
Alter session
Unlimited tablespace
Create Table
Create Cluster
Create Synonym
Create public Synonym
Create View
Create Sequence
CREATE DATABASE LINK
Create procedure
Create trigger
Analyze any
Create type
Create Operator
Create indextype
It can be seen that this user is not a sys or system management user. However, it has two system-level permissions: unlimited tablespace and create public synonym.

When you see these two permissions, you should immediately think that these are security risks, especially unlimited tablespace, which is one of the attack points that damage the database system. If you still think that using this unmodified password to log on to the database will not cause any loss, I have to remind you that the user has the system permission of unlimited tablespace, it can write a small script, and then maliciously fill the system with junk data, so that the database system will not run, and will directly lead to the final paralysis. At present, many database systems require 7x24 jobs. If the system is filled with junk data, the irreparable loss may occur when the database system recovers.

To ensure the absolute security of the Oracle database system, it is strongly recommended that the database administrator modify the user's default password, so as not to leave a "convenient Portal" for malicious users ".