SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='REMOTE_LOGIN_PASSWORDFILE';
ALTER SYSTEM SET REMOTE_LOGIN_PASSWORDFILE = 'NONE' SCOPE = SPFILE;
Deprecated in 12.1 amd higher.
Default: FALSE
Recommended: FALSE
SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='REMOTE_OS_AUTHENT';
ALTER SYSTEM SET REMOTE_OS_AUTHENT = FALSE SCOPE = SPFILE;
Default: TRUE
If TRUE then passwords are case sensitive.
Recommended: TRUE
SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='SEC_CASE_SENSITIVE_LOGON';
ALTER SYSTEM SET SEC_CASE_SENSITIVE_LOGON = TRUE SCOPE = SPFILE;
Governs number of failed authentication attempts that can be made by a client before connection is dropped.
Default: 3
Recommended: 3 (or less)
SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='SEC_MAX_FAILED_LOGIN_ATTEMPTS';
ALTER SYSTEM SET SEC_MAX_FAILED_LOGIN_ATTEMPTS = 3 SCOPE = SPFILE;
This change will take effect at database instance restartGoverns what happens when receiving bad packets from a client;
Default: (DROP,3)
Recommended: (DROP,3)
SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='SEC_PROTOCOL_ERROR_FURTHER_ACTION';
ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = '(DROP,3)' SCOPE = BOTH;
(Recommended, Default)Forcefully terminate connection after 3 bad packets
ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = '(DELAY,9)' SCOPE = BOTH;
Wait for 9 seconds before accepting the next request from a connection where the previous packet was bad.
ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = '(CONTINUE)' SCOPE = BOTH;
Carry on regardless of bad packets. This puts you at risk of a Denial of Service (DoS) attack.
Default: TRACE
Recommended: LOG
SELECT UPPER(VALUE)
FROM V$SYSTEM_PARAMETER
WHERE UPPER(NAME)='SEC_PROTOCOL_ERROR_TRACE_ACTION';