0


等保测评常用命令

数据库测评

Oracle安全测评

登陆方法

终端输入:

sqlplus

输入账号密码

口令复杂度
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_VERIFY_FUNCTION';
口令长度
utlpwdmg.sql

存放位置

$ORACLE_HOME/rdbms/admin
 cat utlpwdmg.sql | grep length
口令定期周期
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME';
登陆失败限制策略
select limit from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS';
登陆失败锁定策略
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LOCK_TIME';
登陆超时退出策略
select limit from dba_profiles where profile='DEFAULT' and resource_name='IDLE_TIME';
是否启用加密协议
cat $ORACLE_HOME/netwotk/admin/listener.ora

**

TCPS

**

cat $ORACLE_HOME/network/admin/tnsnames.ora
cat $ORACLE_HOME/network/admin/sqlnet.ora

示例文件路径:

$ORACLE_HOME/network/admin/samples/
弱口令

system:manager

sys:CHANGE_ON_INSTALL

oracle:oracle/admin/ora+版本号

system:oracle/admin

查看范例数据库账号
select username, account_status from dba_users; 
是否创建了策略
select policy_name, status from DBA_SA_POLICIES;
是否创建了级别
select * from dba_sa_level order by level_num;
查看标签创建情况
select * from dba_sa_labels;
查看策略与模式、表的对应关系
select * from dba_sa_tables_policies;
是否开启审计功能
select value from v$parameter where name='audit_trail';
查询日志文件的位置
show parameter dump_dest;
查看数据库、表空间、对象的日志记录模式
select log_mode,force_logging from v$database;
select tablespace_name, logging,force_logging from dba_tablespaces;
select table_name,logging from user_tables;
检查审计权限是否被严格限制
alter system set audit_trail=none
限制远程链接IP地址

查看

sqlnet.ora

文件中的

tcp.validnode_checking

tcp

invited_nodes

的配置参数

cat sqlnet.ora | grep tcp.avalidnode
查看oracle补丁安装情况
opatch lspatches

MySQL安全测评

查询账号
select user,host from mysql.user;
查询是否存在空口令用户

MySQL5.7之前

select * from mysql.user where length(password) = 0 or password is null;

MySQL5.7之后

select * from mysql.user where length(authentication_string)= 0 or authentication_string is null;
查看用户口令复杂度配置
show variables like 'validate%';
SHOW VARIABLES LIKE '%password%';
查看登陆失败处理功能
show variables like '%max_connect_errors%';
show variables like '%timeout%';
查看远程管理是否启用加密
show variables like '%have_ssl%';
查看账户分配和权限
select user,host from mysql.user;
show grants for 'xxxx'@'localhost';
查看root账户是否被重命名或删除
select user,host from mysql.user;
查看无关账户
select * from mysql.user where user=' ';
select user,host from mysql.user;
查看访问控制权限
select * from mysql.user\G;
 select * from mysql.db\G;
select * from mysql.tables_priv\G;
select * from mysql.columns_priv\G;
查看日志内容
show variables like 'log_%';
查看用户登陆IP
show grants for root@localhost;
查看补丁安装情况
show variables where variable_name like "version";

操作系统测评

Linux测评

查看登录密码设置规则
cat /etc/login.defs
cat /etc/pam.d/login
查看是否配置登陆失败处理功能
cat /etc/pam.d/login

cat /etc/pam.d/system-auth
cat /etc/pam.d/sshd
查看远程登录
service --status-all | grep sshd
 netstat -ant | grep 22
service --status-all | grep running
查看是否存在默认账户
cat /etc/shadow
查看root用户是否能远程登录
cat /etc/ssh/sshd_config
查看安全审计的守护进程
service auditd status
service rsyslog status
ps -ef |grep auditd
查看安全事件的配置
grep "@priv-ops" /etc/audit/filter.conf
more /etc/audit/audit.rules
cat /etc/hosts.allow
cat /etc/hosts.deny
标签: oracle 数据库 dba

本文转载自: https://blog.csdn.net/Liuzixuan0207/article/details/127688148
版权归原作者 JoJO!! 所有, 如有侵权,请联系我们删除。

“等保测评常用命令”的评论:

还没有评论