0 false Query=OEM_ADVISOR Role;;select ROLE from DBA_ROLES where ROLE = 'OEM_ADVISOR';1000;1024 0 -1 true Query=SNMPAGENT Role;;select ROLE from DBA_ROLES where ROLE = 'SNMPAGENT';1000;1024 0 -1 true Query=OEM_MONITOR Role;;select ROLE from DBA_ROLES where ROLE = 'OEM_MONITOR';1000;1024 0 -1 true Query=DBSNMP User;;select USERNAME from DBA_USERS where lower(USERNAME) = 'dbsnmp';1000;1024 0 -1 true 1 SHA-1 1 MD5 SHA-1 0 false Query=Revoke Assignments of Roles to Proxy Users;;select distinct r.GRANTEE, r.GRANTED_ROLE, s.PRIVILEGE from DBA_ROLE_PRIVS r, DBA_SYS_PRIVS s where r.GRANTEE in (select PROXY from PROXY_USERS) and r.GRANTED_ROLE = s.GRANTEE;1000;1024 0 -1 true Query=Limit the user schema privileges to 'CREATE SESSION' only on DBA_TAB_PRIVS;;select distinct GRANTEE, PRIVILEGE from DBA_TAB_PRIVS where privilege != 'CREATE SESSION' and GRANTEE in (select PROXY from PROXY_USERS);1000;1024 0 -1 true Query=Prevent granting of privileges that have WITH ADMIN_OPTION;;select grantee, privilege from dba_sys_privs where grantee not in ('SYS','SYSTEM','AQ_ADMINISTRATOR_ROLE','DBA','MDSYS','LBACSYS','SCHEDULER_ADMIN','WMSYS') and admin_option='YES' and grantee not in (select grantee from dba_role_privs where granted_role='DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_SYS_PRIVS table;;select privilege from dba_sys_privs where grantee='PUBLIC';1000;1024 0 -1 true Query=Deny access to DBMS_SQL;;select GRANTEE, TABLE_NAME from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_SQL' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Prevent access to any V$ views;;select distinct GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name like 'V$%' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=CATALOG;;select GRANTEE from DBA_ROLE_PRIVS where GRANTED_ROLE in ('SELECT_CATALOG_ROLE', 'EXECUTE_CATALOG_ROLE', 'DELETE_CATALOG_ROLE', 'RECOVERY_CATALOG_OWNER') and GRANTEE not in ( 'DBA', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'IX', 'MDSYS', 'OLAP_DBA', 'OLAP_USER', 'SH', 'SYS', 'WKUSER' );1000;1024 0 -1 true Query=Prevent Assignment of DBA;;SELECT GRANTEE FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE='DBA' and GRANTEE not in ('SYS', 'SYSTEM','SYSMAN');1000;1024 0 -1 true Query=Review Privileges Granted to PUBLIC;;SELECT GRANTEE FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE='PUBLIC';1000;1024 0 -1 true Query=default_tablespace;;select USERNAME from DBA_USERS where USERNAME not in ('SYS', 'SYSTEM') and DEFAULT_TABLESPACE = 'SYSTEM' Order By USERNAME;1000;1024 0 -1 true Query=Prevent access to SYS.AUD;;select d.GRANTEE,v.VALUE as AUDIT_TRAIL from DBA_TAB_PRIVS d, v$parameter v where d.OWNER = 'SYS' and d.TABLE_NAME = 'AUD$' and d.GRANTEE not in ('SYS','DBA') and v.name = lower('audit_trail') Order by d.GRANTEE;1000;1024 0 -1 true Query=Prevent access to SYS.USER_HISTORY;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'USER_HISTORY$' and GRANTEE not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to SYS.LINK;;select GRANTEE from DBA_TAB_PRIVS where owner = 'SYS' and TABLE_NAME = 'LINK$' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to SYS.USER;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'USER$' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to SYS.SOURCE;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'SOURCE$' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to PERFSTAT.STATS$SQLTEXT;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'STATS$SQLTEXT' and OWNER = 'PERFSTAT' Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to PERFSTAT.STATS$SQL_SUMMARY;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'STATS$SQL_SUMMARY' and OWNER = 'PERFSTAT' Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to any X$ table;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name like 'X$%' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to any DBA_views;;select distinct GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name LIKE 'DBA!_%'escape'!' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to any V_$ views;;select distinct GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name like 'V_$%' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to ALL_SOURCE;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'ALL_SOURCE' and grantee not in ('SYS') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_ROLES;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'DBA_ROLES' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_SYS_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'DBA_SYS_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_ROLE_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'DBA_ROLE_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_TAB_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'DBA_TAB_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to DBA_USERS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'DBA_USERS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to ROLE_ROLE_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'ROLE_ROLE_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to USER_TAB_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'USER_TAB_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to USER_ROLE_PRIVS;;select GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and TABLE_NAME = 'USER_ROLE_PRIVS' and grantee not in ('SYS', 'DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent access to any V$ synonym;;select table_name, PRIVILEGE, GRANTEE from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name in (select table_name from ALL_SYNONYMS where table_name like('V$%')) and grantee not in ('SYS', 'DBA');1000;1024 0 -1 true Query=Restrict system privileges;;select * from DBA_SYS_PRIVS where privilege != 'CREATE SESSION' and GRANTEE not in ( 'AQ_ADMINISTRATOR_ROLE', 'DBA', 'DBSNMP', 'EXFSYS', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'IX', 'JAVADEBUGPRIV', 'MDSYS', 'OEM_MONITOR', 'OLAPSYS', 'OLAP_DBA', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'SCHEDULER_ADMIN', 'SYS', 'SYSMAN', 'SYSTEM', 'WKSYS' ) order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of EXEMPT ACCESS POLICY (EAP);;select GRANTEE from DBA_SYS_PRIVS where PRIVILEGE = 'EXEMPT ACCESS POLICY' AND GRANTEE not in ('SYS','DBA') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of privileges that have WITH ADMIN;;select GRANTEE, privilege from DBA_SYS_PRIVS where ADMIN_OPTION = 'YES' and GRANTEE not in ('AQ_ADMINISTRATOR_ROLE', 'DBA', 'SCHEDULER_ADMIN', 'SYS', 'SYSTEM' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of privileges that have WITH GRANT;;select * from DBA_TAB_PRIVS where GRANTABLE = 'YES' and GRANTEE not in ( 'CTXSYS', 'MDSYS', 'OLAPSYS', 'ORDSYS', 'PUBLIC', 'SYS', 'SYSMAN', 'SYSTEM', 'WMSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of privileges that have CREATE;;select * from DBA_SYS_PRIVS where privilege like 'CREATE%' and GRANTEE not in ( 'ANONYMOUS', 'AQ_ADMINISTRATOR_ROLE', 'CONNECT', 'CTXSYS', 'DBA', 'DIP', 'DMSYS', 'EXFSYS', 'IMP_FULL_DATABASE', 'IX', 'MDSYS', 'MGMT_USER', 'OE', 'OEM_MONITOR', 'OLAPSYS', 'OLAP_DBA', 'OLAP_USER', 'ORDPLUGINS', 'ORDSYS', 'RECOVERY_CATALOG_OWNER', 'RESOURCE', 'SCHEDULER_ADMIN', 'SH', 'SYS', 'SYSMAN', 'SYSTEM', 'WKPROXY', 'WKSYS', 'WKUSER', 'WMSYS', 'XDB' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of CREATE LIBRARY;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'CREATE LIBRARY' and GRANTEE not in ( 'DBA', 'EXFSYS', 'MDSYS', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'SYS', 'WKSYS', 'XDB', 'DMSYS') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of ALTER SYSTEM;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'ALTER SYSTEM' and GRANTEE not in ('DBA', 'DMSYS', 'SYS', 'WKSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of CREATE PROCEDURE;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'CREATE PROCEDURE' and GRANTEE not in ( 'DBA', 'DMSYS', 'IX', 'MDSYS', 'OLAPSYS', 'OLAP_USER', 'ORDPLUGINS', 'ORDSYS', 'RECOVERY_CATALOG_OWNER', 'RESOURCE', 'SYS', 'WKSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of BECOME USER;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'BECOME USER' and GRANTEE not in ( 'DBA', 'IMP_FULL_DATABASE', 'SYS', 'WKSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of SELECT ANY TABLE;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'SELECT ANY TABLE' and GRANTEE not in ('DBA', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'OLAPSYS', 'OLAP_DBA', 'WKSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent granting of AUDIT SYSTEM;;select GRANTEE from DBA_SYS_PRIVS where privilege = 'AUDIT SYSTEM' and GRANTEE not in ('DBA', 'SYS', 'WKSYS' ) Order by GRANTEE;1000;1024 0 -1 true Query=Grant privileges only to roles;;select distinct GRANTEE, PRIVILEGE from DBA_SYS_PRIVS where GRANTEE in (select USERNAME from DBA_USERS) and GRANTEE not in ( 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN' ,'SCOTT','SYSTEM','XDB','WMSYS') union select distinct GRANTEE, PRIVILEGE from DBA_TAB_PRIVS where GRANTEE in (select USERNAME from DBA_USERS) and GRANTEE not in ( 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN' ,'SCOTT','SYSTEM','XDB','WMSYS') Order by GRANTEE;1000;1024 0 -1 true Query=Prevent assignment of RESOURCE;;select GRANTEE from DBA_ROLE_PRIVS where granted_role = 'RESOURCE' and grantee not in ('SYS','SCOTT','LOGSTDBY_ADMINISTRATOR') and grantee not in (select distinct owner from dba_tables) Order by GRANTEE;1000;1024 0 -1 true Query=Prevent assignment of CONNECT;;select GRANTEE from DBA_ROLE_PRIVS where granted_role = 'CONNECT' and grantee not in ('SYS','SCOTT','LOGSTDBY_ADMINISTRATOR') and grantee not in (select distinct owner from dba_tables) Order by GRANTEE;1000;1024 0 -1 true Query=Deny access to UTL_FILE;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'UTL_FILE' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to UTL_TCP;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'UTL_TCP' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to UTL_HTTP;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'UTL_HTTP' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to UTL_SMTP;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'UTL_SMTP' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to DBMS_LOB;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_LOB' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to DBMS_SYS_SQL;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_SYS_SQL' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Deny access to DBMS_JOB;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_JOB' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Limit the user schema privileges to 'CREATE SESSION' only on DBA_SYS_PRIVS;;select distinct GRANTEE, PRIVILEGE from DBA_SYS_PRIVS where privilege != 'CREATE SESSION' and GRANTEE in (select PROXY from PROXY_USERS);1000;1024 0 -1 true Query=Revoke public access to all public views that start with ALL_;;select * from DBA_TAB_PRIVS where OWNER = 'SYS' and table_name like 'ALL!_%'escape'!' and GRANTEE = 'PUBLIC';1000;1024 0 -1 true Query=Password protect roles;;select ROLE from DBA_ROLES where password_required != 'YES' and role not in ('AQ_ADMINISTRATOR_ROLE', 'AQ_USER_ROLE', 'AUTHENTICATEDUSER', 'CONNECT', 'CTXAPP', 'DBA', 'DELETE_CATALOG_ROLE', 'DMUSER_ROLE', 'DM_CATALOG_ROLE', 'EJBCLIENT', 'EXECUTE_CATALOG_ROLE', 'EXP_FULL_DATABASE', 'GATHER_SYSTEM_STATISTICS', 'GLOBAL_AQ_USER_ROLE', 'HS_ADMIN_ROLE', 'IMP_FULL_DATABASE', 'JAVADEBUGPRIV', 'JAVAIDPRIV', 'JAVASYSPRIV', 'JAVAUSERPRIV', 'JAVA_ADMIN', 'JAVA_DEPLOY', 'LOGSTDBY_ADMINISTRATOR', 'MGMT_USER', 'OEM_MONITOR', 'OLAP_DBA', 'OLAP_USER', 'RECOVERY_CATALOG_OWNER', 'RESOURCE', 'SCHEDULER_ADMIN', 'SELECT_CATALOG_ROLE', 'WKUSER', 'WM_ADMIN_ROLE', 'XDBADMIN' ) Order by ROLE;1000;1024 0 -1 true Query=Limit or deny access to dbms_backup_restore;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_BACKUP_RESTORE' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Limit or deny access to DBMS_RANDOM;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_RANDOM' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Prevent granting of privileges that contain the keyword ANY;;select GRANTEE from DBA_SYS_PRIVS where privilege like '%ANY%' and GRANTEE not in ( 'AQ_ADMINISTRATOR_ROLE', 'DBA', 'DBSNMP', 'EXFSYS', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'IX', 'JAVADEBUGPRIV', 'MDSYS', 'OEM_MONITOR', 'OLAPSYS', 'OLAP_DBA', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'SCHEDULER_ADMIN', 'SYS', 'SYSMAN', 'SYSTEM', 'WKSYS' );1000;1024 0 -1 true Query=Password protect roles 11g;;select ROLE from DBA_ROLES where password_required != 'YES' and role not in ('AQ_ADMINISTRATOR_ROLE','AQ_USER_ROLE','AUTHENTICATEDUSER','CONNECT','CSW_USR_ROLE','CTXAPP','CWM_USER','DATAPUMP_EXP_FULL_DATABASE','DATAPUMP_IMP_FULL_DATABASE','DBA','DELETE_CATALOG_ROLE','EJBCLIENT','EXECUTE_CATALOG_ROLE','EXP_FULL_DATABASE','GATHER_SYSTEM_STATISTICS','GLOBAL_AQ_USER_ROLE','HS_ADMIN_ROLE','IMP_FULL_DATABASE','JAVADEBUGPRIV','JAVAIDPRIV','JAVASYSPRIV','JAVAUSERPRIV','JAVA_ADMIN','JAVA_DEPLOY','JMXSERVER','LBAC_DBA','LOGSTDBY_ADMINISTRATOR','MGMT_USER','OEM_ADVISOR','OEM_MONITOR','OLAPI_TRACE_USER','OLAP_DBA','OLAP_USER','OLAP_XS_ADMIN','ORDADMIN','OWB$CLIENT','OWB_DESIGNCENTER_VIEW','OWB_USER','RECOVERY_CATALOG_OWNER','RESOURCE','SCHEDULER_ADMIN','SELECT_CATALOG_ROLE','SPATIAL_CSW_ADMIN','SPATIAL_WFS_ADMIN','WFS_USR_ROLE','WKUSER','WM_ADMIN_ROLE','XDBADMIN','XDB_SET_INVOKER','XDB_WEBSERVICES','XDB_WEBSERVICES_OVER_HTTP','XDB_WEBSERVICES_WITH_PUBLIC','ADM_PARALLEL_EXECUTE_TASK','CAPI_USER_ROLE','HS_ADMIN_EXECUTE_ROLE','HS_ADMIN_SELECT_ROLE','SNMPAGENT') Order by ROLE;1000;1024 0 -1 true Query=Limit User Quotas;;select username from DBA_TS_QUOTAS where max_bytes = '-1' and username not in ('OLAPSYS', 'WK_TEST', 'SYSMAN');1000;1024 0 -1 true Query=Audit Unsuccessful Attempts for Audit Options;;select AUDIT_OPTION from DBA_STMT_AUDIT_OPTS where SUCCESS != 'BY ACCESS' and FAILURE != 'BY ACCESS';1000;1024 0 -1 true Query=Audit Unsuccessful Attempts for Privileges;;select PRIVILEGE from DBA_PRIV_AUDIT_OPTS where SUCCESS != 'BY ACCESS' and FAILURE != 'BY ACCESS';1000;1024 0 -1 true Query=Audit Unsuccessful Attempts for Objects;;select OBJECT_NAME from DBA_OBJ_AUDIT_OPTS where ALT not like '%/A' and AUD not like '%/A' and COM not like '%/A' and DEL not like '%/A' and GRA not like '%/A' and IND not like '%/A' and INS not like '%/A' and LOC not like '%/A' and REN not like '%/A' and SEL not like '%/A' and UPD not like '%/A' and FBK not like '%/A';1000;1024 0 -1 true 0 false Query=default password_life_time greater than 90;;select profile, limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME' and to_number(decode(limit, 'UNLIMITED', 1000, limit)) > 90;1000;1024 0 -1 true Query=default password_life_time greater than 60;;select profile, limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME' and to_number(decode(limit, 'UNLIMITED', 1000, limit)) > 60;1000;1024 0 -1 true Query=Non-default password_life_time greater than 365;;select profile, limit from dba_profiles, (select decode(limit,'UNLIMITED',1000,limit) as default_pass_life_time from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME') where resource_name='PASSWORD_LIFE_TIME' and profile != 'DEFAULT' and to_number(decode(limit, 'DEFAULT', default_pass_life_time, 'UNLIMITED', 1000, limit)) > 365;1000;1024 0 -1 true Query=password reuse_max and reuse_time are set values;;select p1.profile profile, p1.limit REUSE_MAX, p2.limit REUSE_TIME from dba_profiles p1, dba_profiles p2, (select limit as default_reuse_max from dba_profiles where resource_name='PASSWORD_REUSE_MAX' and profile='DEFAULT'), (select limit as default_reuse_time from dba_profiles where resource_name='PASSWORD_REUSE_TIME' and profile='DEFAULT') where p1.profile = p2.profile and p1.resource_name = 'PASSWORD_REUSE_MAX' and p2.resource_name = 'PASSWORD_REUSE_TIME' and replace(p1.limit, 'DEFAULT', default_reuse_max) not in ('UNLIMITED', 'DEFAULT') and replace(p2.limit, 'DEFAULT', default_reuse_time) not in ('UNLIMITED', 'DEFAULT') order by p1.profile;1000;1024 0 -1 true Query=password reuse_max and reuse_time are UNLIMITED;;select p1.profile profile, p1.limit REUSE_MAX, p2.limit REUSE_TIME from dba_profiles p1, dba_profiles p2, (select limit as default_reuse_max from dba_profiles where resource_name='PASSWORD_REUSE_MAX' and profile='DEFAULT'), (select limit as default_reuse_time from dba_profiles where resource_name='PASSWORD_REUSE_TIME' and profile='DEFAULT') where p1.profile = p2.profile and p1.resource_name = 'PASSWORD_REUSE_MAX' and p2.resource_name = 'PASSWORD_REUSE_TIME' and replace(p1.limit, 'DEFAULT', default_reuse_max) = 'UNLIMITED' and replace(p2.limit, 'DEFAULT', default_reuse_time) = 'UNLIMITED' order by p1.profile;1000;1024 0 -1 true Query=IDLE_TIME Para;;select profile,limit from DBA_PROFILES where resource_name='IDLE_TIME';1000;1024 0 -1 true Query=idle_timeout;;select PROFILE, LIMIT from DBA_PROFILES where RESOURCE_NAME = 'IDLE_TIME' and LIMIT != 'DEFAULT' Order by PROFILE;1000;1024 0 -1 true Query=failed_login_attempts;;SELECT PROFILE, LIMIT FROM DBA_PROFILES WHERE RESOURCE_NAME='FAILED_LOGIN_ATTEMPTS' and LIMIT != 'DEFAULT' Order by PROFILE;0;1024 0 -1 true Query=password_life_time;;select PROFILE, LIMIT from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_LIFE_TIME' and LIMIT != 'DEFAULT' Order by PROFILE;1000;1024 0 -1 true Query=password_reuse_max;;select PROFILE,RESOURCE_NAME,LIMIT from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_REUSE_MAX' and LIMIT != 'DEFAULT' Order by PROFILE;1000;1024 0 -1 true Query=password_reuse_time;;select PROFILE,RESOURCE_NAME,LIMIT from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_REUSE_TIME' Order by PROFILE;1000;1024 0 -1 true Query=password_lock_time;;select PROFILE,RESOURCE_NAME,LIMIT from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_LOCK_TIME' Order by PROFILE;1000;1024 0 -1 true Query=password_grace_time;;select PROFILE, LIMIT from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_GRACE_TIME' and LIMIT != 'DEFAULT' Order by PROFILE;1000;1024 0 -1 true Query=password_verify_function;;select PROFILE from DBA_PROFILES where RESOURCE_NAME = 'PASSWORD_VERIFY_FUNCTION' and LIMIT = 'NULL' Order by PROFILE;1000;1024 0 -1 true Query=CPU_PER_SESSION;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'CPU_PER_SESSION' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=PRIVATE_SGA;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'PRIVATE_SGA' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=LOGICAL_READS_PER_SESSION;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'LOGICAL_READS_PER_SESSION' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=SESSIONS_PER_USER;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'SESSIONS_PER_USER' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=CONNECT_TIME;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'CONNECT_TIME' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=IDLE_TIME;;select PROFILE from DBA_PROFILES where PROFILE in (select distinct PROFILE from DBA_USERS) and RESOURCE_NAME = 'IDLE_TIME' and LIMIT = 'UNLIMITED';1000;1024 0 -1 true Query=password;;select USERNAME from DBA_USERS where PASSWORD = 'EXTERNAL' and ACCOUNT_STATUS not like '%LOCKED%' Order By USERNAME;1000;1024 0 -1 true Using only for Oracle 10g/11g policies 0 false Query=Where appropriate or required by security or legal requirements;;select ROWNUM from (select null from DBA_AUDIT_POLICIES union select null from DBA_AUDIT_POLICY_COLUMNS);1000;1024 0 -1 true Query=Set AUDIT ALL ON SYS.AUD$ BY ACCESS;;SELECT v.VALUE AS SYS_AUD_AUDIT FROM v$parameter v WHERE lower(v.name) = 'audit_trail' UNION ALL SELECT OBJECT_NAME FROM DBA_OBJ_AUDIT_OPTS o WHERE o.OWNER = 'SYS' and o.OBJECT_NAME = 'AUD$' and o.ALT='A/A' and o.AUD='A/A' and o.COM='A/A' and o.DEL='A/A' and o.GRA='A/A' and o.IND='A/A' and o.INS='A/A' and o.LOC='A/A' and o.REN='A/A' and o.SEL='A/A' and o.UPD='A/A' and o.FBK='A/A';1000;1024 0 -1 true 0 false dat Files ls $(UNIX_ORACLE_HOME)/otrace/admin/ 2>/dev/null 0 0 false Query=Oracle System Data And Table Access;;select grantee,privilege,owner,table_name from dba_tab_privs where (owner='SYS' or table_name like 'DBA_%') and privilege <> 'EXECUTE' and grantee not in('PUBLIC','AQ_ADMINISTRATOR_ROLE','AQ_USER_ROLE','AURORA$JIS$UTILITY$','OSE$HTTP$ADMIN','TRACESVR','CTXSYS','DBA','DELETE_CATALOG_ROLE','EXECUTE_CATALOG_ROLE','EXP_FULL_DATABASE','GATHER_SYSTEM_STATISTICS','HS_ADMIN_ROLE','IMP_FULL_DATABASE','LOGSTDBY_ADMINISTRATOR','MDSYS','ODM','OEM_MONITOR','OLAPSYS','ORDSYS','OUTLN','RECOVERY_CATALOG_OWNER','SELECT_CATALOG_ROLE','SNMPAGENT','SYSTEM','WKSYS','WKUSER','WMSYS','WM_ADMIN_ROLE','XDB','LBACSYS','PERFSTAT','XDBADMIN') and grantee not in(select grantee from dba_role_privs where granted_role='DBA') order by grantee;1000;1024 0 -1 true Query=Oracle PUBLIC Role Privileges;;select granted_role from dba_role_privs where grantee='PUBLIC';1000;1024 0 -1 true Query=Oracle Direct Privilege Assignment to Accounts;;select grantee||': '||privilege||': '||owner||'.'||table_name from dba_tab_privs where grantee not in (select role from dba_roles) and grantee not in ('APEX_PUBLIC_USER', 'AURORA$JIS$UTILITY$', 'CTXSYS','DBSNMP', 'EXFSYS', 'FLOWS_030000', 'FLOWS_FILES','LBACSYS', 'MDSYS', 'MGMT_VIEW', 'ODM', 'OLAPSYS','ORACLE_OCM', 'ORDPLUGINS', 'ORDSYS','OSE$HTTP$ADMIN', 'OUTLN', 'OWBSYS', 'PERFSTAT','PUBLIC', 'REPADMIN', 'SYS', 'SYSMAN', 'SYSTEM','WKSYS', 'WMSYS', 'XDB') and table_name<>'DBMS_REPCAT_INTERNAL_PACKAGE' and table_name not like '%RP' and grantee not in (select grantee from dba_tab_privs where table_name in ('DBMS_DEFER', 'DEFLOB'));1000;1024 0 -1 true Query=PASSWORD_LOCK_TIME Is Set to UNLIMITED or DEFAULT;;select profile from dba_profiles where resource_name='PASSWORD_LOCK_TIME' and limit not in ('UNLIMITED', 'DEFAULT');1000;1024 0 -1 true Query=SYSTEM Tablespace;;select username from dba_users where (default_tablespace= 'SYSTEM' or temporary_tablespace= 'SYSTEM') and username not in('AURORA$JIS$UTILITY$','AURORA$ORB$UNAUTHENTICATED','DBSNMP','MDSYS','ORDPLUGINS','ORDSYS','OSE$HTTP$ADMIN','OUTLN','REPADMIN','SYS','SYSTEM','TRACESVR','MTSSYS','DIP');1000;1024 0 -1 true Query=Oracle Predefined Roles;;select grantee||': '||granted_role from dba_role_privs where grantee not in('ANONYMOUS','AURORA$JIS$UTILITY$', 'AURORA$ORB$UNAUTHENTICATED','CTXSYS','DBSNMP','DIP', 'DMSYS','DVF','DVSYS','EXFSYS','LBACSYS','MDDATA','MDSYS', 'MGMT_VIEW','ODM','ODM_MTR','OLAPSYS','ORDPLUGINS','ORDSYS','OSE$HTTP$ADMIN','OUTLN','PERFSTAT','REPADMIN','RMAN', 'SI_INFORMTN_SCHEMA','SYS','SYSMAN','SYSTEM','TRACESVR','TSMSYS','WK_TEST','WKPROXY','WKSYS','WKUSER','WMSYS','XDB') and grantee not in(select role from dba_roles) and grantee not in(select grantee from dba_role_privs where granted_role='DBA') and grantee not in(select distinct owner from dba_objects) and granted_role in('AQ_ADMINISTRATOR_ROLE','AQ_USER_ROLE','AUTHENTICATEDUSER','CONNECT','CTXAPP', 'DELETE_CATALOG_ROLE','EJBCLIENT','EXECUTE_CATALOG_ROLE','EXP_FULL_DATABASE','GATHER_SYSTEM_STATISTICS', 'GLOBAL_AQ_USER_ROLE','HS_ADMIN_ROLE','IMP_FULL_DATABASE','JAVADEBUGPRIV','JAVAIDPRIV', 'JAVASYSPRIV','JAVAUSERPRIV','JAVA_ADMIN','JAVA_DEPLOY','LOGSTDBY_ADMINISTRATOR','OEM_MONITOR','OLAP_DBA', 'RECOVERY_CATALOG_OWNER','RESOURCE','SALES_HISTORY_ROLE','SELECT_CATALOG_ROLE','WKUSER','WM_ADMIN_ROLE','XDBADMIN') order by grantee;1000;1024 0 -1 true Query=Audit Table Ownership;;select owner from dba_tables where table_name='AUD$';1000;1024 0 -1 true Query=Oracle Instance Names;;select instance_name, substr(version, 1, instr(version,'.')-1) as Version_Number from v$instance where instance_name like concat(concat('%',substr(version, 1, instr(version,'.')-1)),'%');1000;1024 0 -1 true Query=Auditing RENAME WHENEVER SUCCESSFUL / UNSUCCESSFUL;;select count(*) from all_def_audit_opts where ren='A/A';1000;1024 0 -1 true Query=Application Express;;select count(*) from dba_users where username like 'FLOWS_%';1000;1024 0 -1 true Query=Oracle Audited Events;;select name from stmt_audit_option_map where name not in (select audit_option from dba_stmt_audit_opts) and name not in ('ALL STATEMENTS', 'ANALYZE ANY DICTIONARY', 'CREATE DIRECTORY', 'DEBUG CONNECT ANY', 'DEBUG CONNECT USER', 'DELETE ANY TABLE', 'DELETE TABLE', 'DROP DIRECTORY', 'EXECUTE ANY LIBRARY', 'EXECUTE ANY PROCEDURE', 'EXECUTE ANY TYPE', 'EXECUTE LIBRARY', 'EXECUTE PROCEDURE', 'EXISTS', 'GRANT LIBRARY', 'INSERT ANY TABLE', 'INSERT TABLE', 'LOCK TABLE', 'NETWORK', 'OUTLINE', 'READUP', 'READUP DBHIGH', 'SELECT ANY DICTIONARY', 'SELECT ANY SEQUENCE', 'SELECT ANY TABLE', 'SELECT MINING MODEL', 'SELECT SEQUENCE', 'SELECT TABLE', 'UPDATE ANY TABLE', 'UPDATE TABLE', 'USE EDITION', 'WRITEDOWN', 'WRITEDOWN DBLOW', 'WRITEUP', 'WRITEUP DBHIGH');1000;1024 0 -1 true Query=Oracle Version Support;;select banner from v$version where banner like 'Oracle%';1000;1024 0 -1 true Query=WITH GRANT OPTION Privileges;;select privilege||':'||grantee||': '||owner||'.'||table_name from dba_tab_privs where grantable='YES' and grantee not in ('SYS', 'SYSTEM', 'SYSMAN', 'WMSYS', 'OUTLN', 'CTXSYS', 'OLAPSYS', 'WKSYS', 'MDSYS', 'EXFSYS', 'ORDSYS', 'ORDPLUGINS', 'ORACLE_OCM', 'PUBLIC') and grantee not in (select distinct owner from dba_objects) and grantee not in (select grantee from dba_role_privs where granted_role='DBA') order by grantee;1000;1024 0 -1 true Query=Application User Role Privileges;;select grantee, owner, table_name, privilege from dba_tab_privs where privilege in ('ALTER', 'REFERENCES', 'INDEX') and grantee not in ('DBA', 'SYS', 'SYSTEM', 'LBACSYS', 'XDBADMIN') and table_name not in ('SDO_IDX_TAB_SEQUENCE', 'XDB$ACL', 'XDB_ADMIN') and grantee not in (select grantee from dba_role_privs where granted_role='DBA') and grantee not in (select distinct owner from dba_objects) and table_name not in (select distinct table_name from dba_nested_tables);1000;1024 0 -1 true Query=DBMS Security;;select version from v$instance;1000;1024 0 -1 true Query=Oracle PASSWORD_LIFE_TIME Profile Parameter;;select profile, limit from dba_profiles,(select limit as def_pwd_life_tm from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME') where resource_name='PASSWORD_LIFE_TIME' and ((replace(limit, 'DEFAULT', def_pwd_life_tm) in ('UNLIMITED', NULL)) or (lpad(replace(limit, 'DEFAULT', def_pwd_life_tm),40,'0') >lpad('60',40,'0')));1000;1024 0 -1 true Query=Oracle Demo Applications And Accounts;;select username from dba_users where username in ('SCOTT','HR','IX','OE','PM','SH','COMPANY','MFG','FINANCE','ANYDATA_USER','ANYDSET_USER','ANYTYPE_USER','AQJAVA','AQUSER','AQXMLUSER','GPFD','GPLD','MMO2','XMLGEN1','BLAKE','ADAMS','CLARK','JONES') or username like 'QS%' or username like 'USER%' or username like '%DEMO%' or username like 'SERVICECONSUMER%';1000;1024 0 -1 true Query=Oracle Version;;select substr(version,1,4) from v$instance;1000;1024 0 -1 true 0 false DBMS Administration rootgroups=`groups root 2>/dev/null`; for user in `cat /etc/group 2>/dev/null | grep -i dba | awk -F":" '{print $NF}' | tr ',' ' '`; do if [ "`echo $rootgroups | grep -w "$user"`" -o "$user" = "root" ]; then echo "DBMS administration OS account {$user} is listed in root group or is root user."; fi; done 0 0 false Oracle Advanced Security su - $(ORACLE_USER) -c '$(UNIX_ORACLE_HOME)/OPatch/opatch lsinventory -detail 2>/dev/null' 0 0 false $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 0 0 true 1 $(UNIX_ORACLE_HOME)/hs/admin/extproc.ora 0 0 true 1 $(UNIX_ORACLE_HOME)/ldap/admin/fips.ora 0 0 true 1 $(UNIX_ORACLE_HOME)/rdbms/admin/externaljob.ora 0 -1 true 1 $(UNIX_ORACLE_HOME)/bin/dbsnmp 0 0 false 1 $(UNIX_ORACLE_HOME)/network/admin/tnsnames.ora 0 0 true 1 $(UNIX_ORACLE_HOME)/bin/tkprof 0 0 true 1 $(UNIX_ORACLE_IAS_HOME)/sysman/config/emoms.properties 0 0 true 1 $(UNIX_ORACLE_HOME)/network/agent 0 0 true 1 $(UNIX_ORACLE_HOME)/bin/extproc 0 0 false 1 $(UNIX_ORACLE_HOME)/network/admin/cman.ora 0 0 true 1 true UNIX_ORACLE_HOME located beneath ORACLE_BASE is where the oracle products reside. Eg: /opt/app/auspex/102 (this applies for Unix platform) 1 SHA-1 Size 1 Group SHA-1 Size Permissions User ACL 2 Group Permissions User ACL UNIX_ORACLE_IAS_HOME located beneath UNIX_ORACLE_HOME, that provides a key piece of the infrastructure necessary for us to bring our Oracle databases to the Web. Eg: /opt/app/auspex/102/childish-1.qa.tripwire.com_qa10g 0 false Query=Accounts;;select USERNAME from DBA_USERS where ACCOUNT_STATUS not like '%LOCKED%' and USERNAME not in ( 'ANONYMOUS', 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN', 'SYSTEM', 'WKPROXY', 'WKSYS', 'WK_TEST', 'WMSYS', 'XDB' ) Order by USERNAME;1000;1024 0 -1 true Query=Encryption for DBMS_OBFUSCATION_TOOLKIT;;select GRANTEE from DBA_TAB_PRIVS where TABLE_NAME = 'DBMS_OBFUSCATION_TOOLKIT' and GRANTEE = 'PUBLIC' and PRIVILEGE = 'EXECUTE';1000;1024 0 -1 true Query=Encryption for Use RAW of BLOB;;select OWNER||'.'||TABLE_NAME from DBA_TAB_COLUMNS where DATA_TYPE ='CLOB' and OWNER not in ( 'ANONYMOUS', 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN', 'SYSTEM', 'WKPROXY', 'WKSYS', 'WK_TEST', 'WMSYS', 'XDB' ) Order by OWNER;1000;1024 0 -1 true Monitors the runtime configuration parameters related to auditing 0 false Configuration Parameter=* 0 -1 true 2 log_archive_dest_state_* 1 log_archive_dest_state_* 0 false Query=Audit INSERT;;SELECT COUNT (*) FROM DBA_OBJ_AUDIT_OPTS WHERE (OBJECT_TYPE='TABLE' AND INS NOT LIKE '%/-');1000;1024 0 -1 true Query=Audit EXECUTE PROCEDURE;;SELECT ROWNUM FROM DBA_STMT_AUDIT_OPTS WHERE AUDIT_OPTION='EXECUTE PROCEDURE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY SESSION' and FAILURE = 'BY SESSION';1000;1024 0 -1 true Query=Audit SELECT ANY DICTIONARY;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'SELECT ANY DICTIONARY' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit GRANT ANY OBJECT;;select rownum from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'GRANT ANY OBJECT PRIVILEGE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit CREATE {ANY} LIBRARY;;select ROWNUM from DBA_STMT_AUDIT_OPTS where (AUDIT_OPTION = 'CREATE LIBRARY' or AUDIT_OPTION = 'CREATE ANY LIBRARY') and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit all log ons and log offs;;SELECT USER_NAME, SUCCESS, FAILURE FROM DBA_PRIV_AUDIT_OPTS WHERE PRIVILEGE='CREATE SESSION' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS' Order by USER_NAME;1000;1024 0 -1 true Query=Audit ALTER ANY TABLE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'ALTER ANY TABLE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit ALTER USER;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'ALTER USER' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit any CREATE statement;;select name from STMT_AUDIT_OPTION_MAP m where m.NAME like 'CREATE%' and not exists ( select null from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = m.NAME and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS' );1000;1024 0 -1 true Query=Audit CREATE ROLE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'CREATE ROLE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit CREATE USER;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'CREATE USER' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit CREATE SESSION;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'CREATE SESSION' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit any DROP statement;;select name from STMT_AUDIT_OPTION_MAP m where m.NAME like 'DROP%' and not exists ( select null from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = m.NAME and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS' );1000;1024 0 -1 true Query=Audit DROP ANY PROCEDURE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'DROP ANY PROCEDURE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit DROP ANY TABLE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'DROP ANY TABLE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit GRANT ANY PRIVILEGE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'GRANT ANY PRIVILEGE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true Query=Audit GRANT ANY ROLE;;select ROWNUM from DBA_STMT_AUDIT_OPTS where AUDIT_OPTION = 'GRANT ANY ROLE' and USER_NAME is null and PROXY_NAME is null and SUCCESS = 'BY ACCESS' and FAILURE = 'BY ACCESS';1000;1024 0 -1 true 0 false listener.ora /bin/cat $(UNIX_ORACLE_HOME)/network/admin/listener.ora 2>/dev/null 0 0 false Password Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Password=`egrep -i "^[[:space:]]*PASSWORDS_${listener}[[:space:]]*=" "$LstFile" 2>/dev/null`; if [ -z "$Password" ]; then echo "The $listener listener is not set a password"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Admin Restrictions Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do AdminRestrictions=`egrep -i "^[[:space:]]*ADMIN_RESTRICTIONS_${listener}[[:space:]]*=[[:space:]]*on[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ -z "$AdminRestrictions" ]; then echo "The $listener listener is not set an admin_restrictions to on"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Inbound_connect_timeout LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Timeout=`egrep -i "^[[:space:]]*inbound_connect_timeout_${listener}[[:space:]]*=" "$LstFile" 2>/dev/null | awk -F= '{print $2}' | sed 's/ //g'`; if [ -z "$Timeout" ] || ([ $Timeout != 1 ] && [ $Timeout != 2 ]); then echo "The inbound_connect_timeout of $listener listener is not set to 1 or 2"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Secure Control Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do SecureControl=`egrep -i "^[[:space:]]*SECURE_CONTROL_${listener}[[:space:]]*=[[:space:]]*\([[:space:]]*(TCPS[[:space:]]*,[[:space:]]*IPC|IPC[[:space:]]*,[[:space:]]*TCPS)[[:space:]]*\)[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ -z "$SecureControl" ]; then echo "The $listener listener is not set an secure_control to (TCPS,IPC)."; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Secure Protocol Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do SecureControl=`egrep -i "^[[:space:]]*SECURE_PROTOCOL_${listener}[[:space:]]*=[[:space:]]*\([[:space:]]*(TCPS[[:space:]]*,[[:space:]]*IPC|IPC[[:space:]]*,[[:space:]]*TCPS)[[:space:]]*\)[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ -z "$SecureControl" ]; then echo "The $listener listener is not set an secure_protocol to (TCPS,IPC)."; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Secure Register Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do SecureControl=`egrep -i "^[[:space:]]*SECURE_REGISTER_${listener}[[:space:]]*=[[:space:]]*\([[:space:]]*(TCPS[[:space:]]*,[[:space:]]*IPC|IPC[[:space:]]*,[[:space:]]*TCPS)[[:space:]]*\)[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ -z "$SecureControl" ]; then echo "The $listener listener is not set an secure_register to (TCPS,IPC)."; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Dynamic Registration Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do AdminRestrictions=`egrep -i "^[[:space:]]*DYNAMIC_REGISTRATION_${listener}[[:space:]]*=[[:space:]]*off[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ -z "$AdminRestrictions" ]; then echo "The $listener listener is not set an dynamic_registration to off"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Local And Network Advertised ORACLE_SID1=`awk -F":" '$1 !~ /^#/ && $3 ~ /^(N|Y)$/ {print $1}' /etc/oratab 2>/dev/null | sort -u | wc -l`; ORACLE_SID2=`awk -F":" '$1 !~ /^#/ && $3 ~ /^(N|Y)$/ {print $1}' /etc/oratab 2>/dev/null | wc -l`; if [ $ORACLE_SID1 -ne $ORACLE_SID2 ]; then echo "ORACLE SIDs are not unique in /etc/oratab"; fi 0 0 false SEC_USER_AUDIT_ACTION_BANNER cat "`awk -F"=" '$1 ~ /^[[:space:]]*SEC_USER_AUDIT_ACTION_BANNER[[:space:]]*$/ {print $2}' $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 2>/dev/null | sed 's/ //g'`" 2>/dev/null 0 0 false SEC_USER_UNAUTHORIZED_ACCESS_BANNER cat "`awk -F"=" '$1 ~ /^[[:space:]]*SEC_USER_UNAUTHORIZED_ACCESS_BANNER[[:space:]]*$/ {print $2}' $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 2>/dev/null | sed 's/ //g'`" 2>/dev/null 0 0 false Inbound_connect_timeout Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Timeout=`egrep -i "^[[:space:]]*inbound_connect_timeout_${listener}[[:space:]]*=" "$LstFile" 2>/dev/null | awk -F= '{print $2}' | sed 's/ //g'`; if [ -z "$Timeout" ] || [ $Timeout -eq 0 ]; then echo "The inbound_connect_timeout of $listener listener is equal to 0 or does not exist"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Logging Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Logging=`egrep -i "^[[:space:]]*Logging_${listener}[[:space:]]*=[[:space:]]*off[[:space:]]*($|\#)" "$LstFile" 2>/dev/null`; if [ "$Logging" ]; then echo "The $listener listener is not enable logging."; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Query=Default Accounts;;SELECT d.USERNAME FROM DBA_USERS_WITH_DEFPWD d, DBA_USERS u WHERE d.USERNAME = u.USERNAME AND u.ACCOUNT_STATUS NOT LIKE '%EXPIRED%' AND u.ACCOUNT_STATUS NOT LIKE '%LOCKED%' AND d.USERNAME in ( 'ANONYMOUS', 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'LBACSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SCOTT', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN', 'SYSTEM', 'WKPROXY', 'WKSYS', 'WK_TEST', 'WMSYS', 'XDB' ) Order by d.USERNAME;1000;1024 0 -1 true 0 false Query=Oracle default account passwords;;select decode(type#,0,'ROLE',1,'USER') type, name, decode(astatus, 0,'OPEN', 1,'EXPIRED', 2,'EXPIRED(GRACE)', 4,'LOCKED(TIMED)', 8,'LOCKED', 5,'EXPIRED and LOCKED(TIMED)', 6,'EXPIRED(GRACE) and LOCKED(TIMED)', 9,'EXPIRED and LOCKED', 10,'EXPIRED(GRACE) and LOCKED') account_status from sys.user$ where user$.name <> 'XS$NULL' and password = decode(name, 'AASH','9B52488370BB3D77','ABA1','30FD307004F350DE','ABM','D0F2982F 121C7840','AD_MONITOR','54F0C83F51B03F49','ADAMS','72CDEF4A3483F 60D','ADS','D23F0F5D871EB69F','ADSEUL_US','4953B2EB6FCB4339','AHL',' 7910AE63C9F7EEEE','AHM','33C2E27CF5E401A4','AK','8FCB78BBA8A5951 5','AL','384B2C568DE4C2B5','ALA1','90AAC5BD7981A3BA','ALLUSERS','42 F7CD03B7D2CA0F','ALR','BE89B24F9F8231A9','AMA1','585565C23AB68F71 ','AMA2','37E458EE1688E463','AMA3','81A66D026DC5E2ED','AMA4','194CC C94A481DCDE','AMF','EC9419F55CDC666B','AMS','BD821F59270E5F34','A MS1','DB8573759A76394B','AMS2','EF611999C6AD1FD7','AMS3','41D1084F3 F966440','AMS4','5F5903367FFFB3A3','AMSYS','4C1EF14ECE13B5DE','AMV ','38BC87EB334A1AC4','AMW','0E123471AACA2A62','ANNE','1EEA3E6F588 599A6','ANONYMOUS','94C33111FD9C66F3','AOLDEMO','D04BBDD5E643 C436','AP','EED09A552944B6AD','APA1','D00197BF551B2A79','APA2','121C6 F5BD4674A33','APA3','5F843C0692560518','APA4','BF21227532D2794A','APP LEAD','5331DB9C240E093B','APPLSYS','0F886772980B8C79','APPLSYSPUB ','D2EEF40EE87221E','APPLSYS','E153FFF4DAE6C9F7','APPS','D728438E8A 5925E0','APS1','F65751C55EA079E6','APS2','5CACE7B928382C8B','APS3','C7 86695324D7FB3B','APS4','F86074C4F4F82D2C','AQDEMO','5140E342712061 DD','AQJAVA','8765D2543274B42E','AQUSER','4CF13BDAC1D7511C','AR',' BBBFE175688DED7E','ARA1','4B9F4E0667857EB8','ARA2','F4E52BFBED465 2CD','ARA3','E3D8D73AE399F7FE','ARA4','758FD31D826E9143','ARS1','4332 63ED08C7A4FD','ARS2','F3AF9F26D0213538','ARS3','F6755F08CC1E7831','A RS4','452B5A381CABB241','ART','665168849666C4F3','ASF','B6FD427D0861 9EEE','ASG','1EF8D8BD87CF16BE','ASL','03B20D2C323D0BFE','ASN','1EE6 AEBD9A23D4E0','ASO','F712D80109E3C9D8','ASP','CF95D2C6C85FF513','A ST','F13FF949563EAB3C','AUC_GUEST','8A59D349DAEC26F7','AURORA$O RB$UNAUTHENTICATED','80C099F0EADF877E','AUTHORIA','CC78120E7 9B57093','AX','0A8303530E86FCDD','AZ','AAA18B5D51B0D5AC','B2B','CC3 87B24E013C616','BAM','031091A1D1A30061','BCA1','398A69209360BD9D','B CA2','801D9C90EBC89371','BEN','9671866348E03616','BIC','E84CC95CBBAC 1B67','BIL','BF24BCE2409BE1F7','BIM','6026F9A8A54B9468','BIS','7E990188 2E5F3565','BIV','2564B34BE50C2524','BIX','3DD36935EAEDE2E3','BLAKE',' 9435F2E60569158E','BMEADOWS','2882BA3D3EE1F65A','BNE','080B5C7EE 819BF78','BOM','56DB3E89EAE5788E','BP01','612D669D2833FACD','BP02','F CE0C089A3ECECEE','BP03','0723FFEEFBA61545','BP04','E5797698E0F8934E ','BP05','58FFC821F778D7E9','BP06','2F358909A4AA6059','BSC','EC481FD7D CE6366A','BUYACCT','D6B388366ECF2F61','BUYAPPR1','CB0493169330922 8','BUYAPPR2','3F98A3ADC037F49C','BUYAPPR3','E65D8AD3ACC23DA3',' BUYER','547BDA4286A2ECAE','BUYMTCH','0DA5E3B504CC7497','CAMRO N','4384E3F9C9C9B8F1','CANDICE','CF458B3230215199','CARL','99ECCC66 4FFDFEA2','CARLY','F7D90C099F9097F1','CARMEN','46E23E1FD86A4277',' CARRIECONYERS','9BA83B1E43A5885B','CATADMIN','AF9AB905347E004 F','CE','E7FDFE26A524FE39','CEASAR','E69833B8205D5DD7','CENTRA','63B F5FFE5E3EA16D','CFD','667B018D4703C739','CHANDRA','184503FA7786C8 2D','CHARLEY','E500DAA705382E8D','CHRISBAKER','52AFB6B3BE485F81' ,'CHRISTIE','C08B79CCEC43E798','CINDY','3AB2C717D1BD0887','CLARK',' 7AAFE7D01511D73F','CLAUDE','C6082BCBD0B69D20','CLARK','74DF5278 00B6D713','CLINT','163FF8CCB7F11691','CLN','A18899D42066BFCA','CN','7 3F284637A54777D','CNCADMIN','C7C8933C678F7BF9','CONNIE','982F4C42 0DD38307','CONNOR','52875AEB74008D78','CORY','93CE4CCE632ADCD2',' CRM1','6966EA64B0DFC44E','CRM2','B041F3BEEDA87F72','CRP','F165BDE 5462AD557','CRPB733','2C9AB93FF2999125','CRPCTL','4C7A200FB33A531D ','CRPDTA','6665270166D613BC','CS','DB78866145D4E1C3','CSADMIN','9432 7195EF560924','CSAPPR1','47D841B5A01168FF','CSC','EDECA9762A8C79C D','CSD','144441CEBAFC91CF','CSDUMMY','7A587C459B93ACE4','CSE','D8 CC61E8F42537DA','CSF','684E28B3C899D42C','CSI','71C2B12C28B79294','C SL','C4D7FE062EFB85AB','CSM','94C24FC0BE22F77F','CSMIG','09B4BB013 FBD0D65','CSP','5746C5E077719DB4','CSR','0E0F7C1B1FE3FA32','CSS','3C6 B8C73DDC6B04F','CTXDEMO','CB6B5E9D9672FE89','CTXSYS','24ABAB8B 06281B4C','CTXTEST','064717C317B551B6','CTXSYS','71E687F036AD56E5',' CUA','CB7B2E6FFDD7976F','CUE','A219FE4CA25023AA','CUF','82959A9BD 2D51297','CUG','21FBCADAEAFCC489','CUI','AD7862E01FA80912','CUN','41 C2D31F3C85A79D','CUP','C03082CD3B13EC42','CUS','00A12CC6EBF8EDB8' ,'CZ','9B667E9C5A0D21A6','DAVIDMORGAN','B717BAB262B7A070','DBSN MP','E066D214D5421CCC','DCM','45CCF86E1058D3A5','DD7333','44886308C F32B5D4','DD7334','D7511E19D9BD0F90','DD810','0F9473D8D8105590','DD8 11','D8084AE609C9A2FD','DD812','AB71915CF21E849E','DD9','E81821D0307 0818C','DDB733','7D11619CEE99DE12','DDD','6CB03AF4F6DD133D','DEMO 8','0E7260738FDFD678','DES','ABFEC5AC2274E54D','DES2K','611E7A73EC4 B425A','DEV2000_DEMOS','18A0C8BD6B13BEE2','DEVB733','7500DF89DC 99C057','DEVUSER','C10B4A80D00CA7A5','DGRAY','5B76A1EB8F212B85',' DIP','CE4A36B8E06CA59C','DISCOVERER5','AF0EDB66D914B731','DKING', '255C2B0E1F0912EA','DLD','4454B932A1E0E320','DMADMIN','E6681A8926 B40826','DMATS','8C692701A4531286','DMS','1351DC7ED400BD59','DMSYS ','BFBA5A553FD9E28A','DOM','51C9F2BECA78AE0E','DPOND','79D6A5296 0EEC216','DSGATEWAY','6869F3CFD027983A','DV7333','36AFA5CD674BA 841','DV7334','473B568021BDB428','DV810','52C38F48C99A0352','DV811','B6 DC5AAB55ECB66C','DV812','7359E6E060B945BA','DV9','07A1D03FD26E58 20','DVP1','0559A0D3DE0759A6','EAA','A410B2C5A0958CDF','EAM','CE8234 D92FCFB563','EC','6A066C462B62DD46','ECX','0A30645183812087','EDR','5F EC29516474BB3A','EDWEUL_US','5922BA2E72C49787','EDWREP','79372B4 AB748501F','EGC1','D78E0F2BE306450D','EGD1','DA6D6F2089885BA6','EG M1','FB949D5E4B5255C0','EGO','B9D919E5F5A9DA71','EGR1','BB636336AD C5824A','END1','688499930C210B75','ENG','4553A3B443FB3207','ENI','05A92 C0958AFBCBC','ENM1','3BDABFD1246BFEA2','ENS1','F68A5D0D6D2BB25 B','ENTMGR_CUST','45812601EAA2B8BD','ENTMGR_PRO','2000268299147 0B3','ENTMGR_TRAIN','BE40A3BE306DD857','EOPP_PORTALADM','B6055 7FD8C45005A','EOPP_PORTALMGR','9BB3CF93F7DE25F1','EOPP_USER','1 3709991FC4800A1','EUL_US','28AEC22561414B29','EVM','137CEDC20DE69 F71','EXA1','091BCD95EE112EE3','EXA2','E4C0A21DBD06B890','EXA3','40D C4FA801A73560','EXA4','953885D52BDF5C86','EXFSYS','66F4EF5650C2035 5','EXS1','C5572BAB195817F0','EXS2','8FAA3AC645793562','EXS3','E305017 4EE1844BA','EXS4','E963BFE157475F7D','FA','21A837D0AED8F8E5','FEM',' BD63D79ADF5262E7','FIA1','2EB76E07D3E094EC','FII','CF39DE29C08F71B9 ','FLM','CEE2C4B59E7567A3','FNI1','308839029D04F80C','FNI2','05C69C8FE AB4F0B9','FPA','9FD6074B9FD3754C','FPT','73E3EC9C0D1FAECF','FRM','9A 2A7E2EBE6E4F71','FTA1','65FF9AB3A49E8A13','FTE','2FB4D2C9BAE2CCC A','FUN','8A7055CA462DB219','FV','907D70C0891A85B1','FVP1','6CC7825EA DF994E8','GALLEN','F8E8ED9F15842428','GCA1','47DA9864E018539B','GCA 2','FD6E06F7DD50E868','GCA3','4A4B9C2E9624C410','GCA9','48A7205A4C5 2D6B5','GCMGR1','14A1C1A08EA915D6','GCMGR2','F4F11339A4221A4D','G CMGR3','320F0D4258B9D190','GCS','7AE34CA7F597EBF7','GCS1','2AE8E84 D2400E61D','GCS2','C242D2B83162FF3D','GCS3','DCCB4B49C68D77E2','GE ORGIAWINE','F05B1C50A1C926DE','GL','CD6E99DACE4EA3A6','GLA1','86 C88007729EB36F','GLA2','807622529F170C02','GLA3','863A20A4EFF7386B',' GLA4','DB882CF89A758377','GLS1','7485C6BD564E75D1','GLS2','319E08C55 B04C672','GLS3','A7699C43BB136229','GLS4','7C171E6980BE2DB9','GM_A WDA','4A06A107E7A3BB10','GM_COPI','03929AE296BAAFF2','GM_DPHD',' 0519252EDF68FA86','GM_MLCT','24E8B569E8D1E93E','GM_PLADMA','294 6218A27B554D8','GM_PLADMH','2F6EDE96313AF1B7','GM_PLCCA','7A992 44B545A038D','GM_PLCCH','770D9045741499E6','GM_PLCOMA','91524D7D E2B789A8','GM_PLCOMH','FC1C6E0864BF0AF2','GM_PLCONA','1F531397 B19B1E05','GM_PLCONH','C5FE216EB8FCD023','GM_PLNSCA','DB9DD236 1D011A30','GM_PLNSCH','C80D557351110D51','GM_PLSCTA','3A778986229 BA20C','GM_PLSCTH','9E50865473B63347','GM_PLVET','674885FDB93D34 B9','GM_SPO','E57D4BD77DAF92F0','GM_STKH','C498A86BE2663899','GM A','DC7948E807DFE242','GMD','E269165256F22F01','GME','B2F0E221F45A2 28F','GMF','A07F1956E3E468E1','GMI','82542940B0CF9C16','GML','5F1869A D455BBA73','GMP','450793ACFCC7B58E','GMS','E654261035504804','GR','F5 AB0AA3197AEE42','GUEST','1C0A090E404CECD0','HCC','25A25A7FEFAC1 7B6','HHCFO','62DF37933FB35E9F','HR','4C6D73C3E8B0F0DA','HRI','49A3A 09B8FC291D0','HXC','4CEA0BF02214DA55','HXT','169018EB8E2C4A77','IA',' 42C7EAFBCEEC09CC','IBA','0BD475D5BF449C63','IBC','9FB08604A30A495 1','IBE','9D41D2B3DD095227','IBP','840267B7BD30C82E','IBU','0AD9ABABC 74B3057','IBY','F483A48F6A8C51EC','ICX','7766E887AF4DCC46','IEB','A695 699F0F71C300','IEC','CA39F929AF0A2DEC','IEM','37EF7B2DD17279B5','IEO ','E93196E9196653F1','IES','30802533ADACFE14','IEU','5D0E790B9E882230',' IEX','6CC978F56D21258D','IGC','D33CEB8277F25346','IGF','1740079EFF46A B81','IGI','8C69D50E9D92B9D0','IGS','DAF602231281B5AC','IGW','B39565F4 E3CF744B','IMC','C7D0B9CDE0B42C73','IMT','E4AAF998653C9A72','INS1','2 ADC32A0B154F897','INS2','EA372A684B790E2A','INTERNET_APPSERVER _REGISTRY','A1F98A977FFD73CD','INV','ACEAB015589CF4BC','IP','D29012 C144B58A40','IPA','EB265A08759A15B4','IPD','066A2E3072C1F2F3','ISC','373 F527DC0CFAE98','ISTEWARD','8735CA4085DE3EEA','ITG','D90F98746B68E 6CA','JA','9AC2B58153C23F3D','JD7333','FB5B8A12AE623D52','JD7334','322 810FCE43285D9','JD9','9BFAEC92526D027B','JDE','7566DC952E73E869','JDE DBA','B239DD5313303B1D','JE','FBB3209FD6280E69','JG','37A99698752A1C F1','JL','489B61E488094A8D','JOHNINARI','B3AD4DA00F9120CE','JONES','B 9E99443032F059D','JTF','5C5F6FC2EBB94124','JTI','B8F03D3E72C96F7','JTM ','6D79A2259D5B4B5A','JTR','B4E2BE38B556048F','JTS','4087EE6EB7F9CD7 C','JUNK_PS','BBC38DB05D2D3A7A','JUSTOSHUM','53369CD63902FAAA',' KELLYJONES','DD4A3FF809D2A6CF','KEVINDONS','7C6D9540B45BBC39', 'KPN','DF0AED05DE318728','LADAMS','AE542B99505CDCD2','LBA','18E5E 15A436E7157','LBACSYS','AC9700FD3F1410EB','LDQUAL','1274872AB40D4 FCD','LHILL','E70CA2CA0ED555F5','LNS','F8D2BC61C10941B2','LQUINCY', '13F9B9C1372A41B6','LSA','2D5E6036E3127B7E','MDDATA','DF02A496267 DEE66','MDSYS','72979A94BAD2AF80','ME','E5436F7169B29E4D','MDSYS',' 9AAEB2214DCC9A31','MFG','FC1B0DD35E790847','MGR1','E013305AB0185 A97','MGR2','5ADE358F8ACE73E8','MGR3','05C365C883F1251A','MGR4','E2 29E942E8542565','MIKEIKEGAMI','AAF7A168C83D5C47','MJONES','EE7BB 3FEA50A21C5','MLAKE','7EC40274AC1609CA','MM1','4418294570E152E7',' MM2','C06B5B28222E1E62','MM3','A975B1BD0C093DA3','MM4','88256901E B03A012','MM5','4CEA62CBE776DCEC','MMARTIN','D52F60115FE87AA4',' MOBILEADMIN','253922686A4A45CC','MRP','B45D4DF02D4E0C85','MSC','8 9A8C104725367B2','MSD','6A29482069E23675','MSO','3BAA3289DB35813C',' MSR','C9D53D00FE77D813','MST','A96D2408F62BE1BC','MWA','1E2F06BE2 A1D41A6','NEILKATSU','1F625BB9FEBC7617','OBJ7333','D7BDC9748AFED B52','OBJ7334','EB6C5E9DB4643CAC','OBJB733','61737A9F7D54EF5F','OCA' ,'9BC450E4C6569492','ODM','C252E8FA117AF049','ODM_MTR','A7A32CD03 D3CE8D5','ODS','89804494ADFC71BC','ODSCOMMON','59BBED977430C1A 8','OE','D1A2DFC623FDA40A','OKB','A01A5F0698FC9E31','OKC','31C1DDF4 D5D63FE6','OKE','B7C1BB95646C16FE','OKI','991C817E5FD0F35A','OKL','D E058868E3D2B966','OKO','6E204632EC7CA65D','OKR','BB0E28666845FCDC ','OKS','C2B4C76AB8257DF5','OKX','F9FDEB0DE52F5D6B','OL810','E2DA59 561CBD0296','OL811','B3E88767A01403F8','OL812','AE8C7989346785BA','O L9','17EC83E44FB7DB5B','OLAPSYS','3FB8EF9DB538647C','ONT','9E3C815 74654100A','OPI','1BF23812A0AEEDA0','ORABAM','D0A4EA93EF21CE25',' ORABAMSAMPLES','507F11063496F222','ORABPEL','26EFDE0C9C051988',' ORAESB','CC7FCCB3A1719EDA','ORAOCA_PUBLIC','FA99021634DDC111' ,'ORASAGENT','234B6F4505AD8F25','ORASSO','F3701A008AA578CF','ORA SSO_DS','17DC8E02BC75C141','ORASSO_PA','133F8D161296CB8F','ORASS O_PS','63BB534256053305','ORASSO_PUBLIC','C6EED68A8F75F5D3','ORDP LUGINS','88A2B2C183431F00','ORDSYS','7EFA02EC7EA6B86F','OSM','106A E118841A5D8C','OTA','F5E498AC7009A217','OUTLN','4A3BA55E08595C81',' OWAPUB','6696361B64F9E0A9','OWF_MGR','3CBED37697EB01D1','OZF','97 0B962D942D0C75','OZP','B650B1BB35E86863','OZS','0DABFF67E0D33623','P A','8CE2703752DB36D8','PABLO','5E309CB43FE2C2FF','PAIGE','02B6B704D FDCE620','PAM','1383324A0068757C','PARRISH','79193FDACFCE46F6','PAR SON','AE28B2BD64720CD7','PAT','DD20769D59F4F7BF','PATORILY','46B76 64BD15859F9','PATRICKSANCHEZ','47F74BD3AD4B5F0A','PATSY','4A63F 91FEC7980B7','PAUL','35EC0362643ADD3F','PAULA','BB0DC58A94C17805', 'PAXTON','4EB5D8FAD3434CCC','PCA1','8B2E303DEEEEA0C0','PCA2','7AD 6CE22462A5781','PCA3','B8194D12FD4F537D','PCA4','83AD05F1D0B0C603',' PCS1','2BE6DD3D1DEA4A16','PCS2','78117145145592B1','PCS3','F48449F028 A065B1','PCS4','E1385509C0B16BED','PD7333','5FFAD8604D9DC00F','PD733 4','CDCF262B5EE254E1','PD810','EB04A177A74C6BCB','PD811','3B3C0EFA4 F20AC37','PD812','E73A81DB32776026','PD9','CACEB3F9EA16B9B7','PDA1',' C7703B70B573D20F','PEARL','E0AFD95B9EBD0261','PEG','20577ED9A8DB8 D22','PENNY','BB6103E073D7B811','PEOPLE','613459773123B38A','PERCY',' EB9E8B33A2DDFD11','PERRY','D62B14B93EE176B6','PETE','4040619819A9 C76E','PEYTON','B7127140004677FC','PHIL','181446AE258EE2F6','PJI','5024 B1B412CD4AB9','PJM','021B05DBB892D11F','PM','72E382A52E89575A','PMI ','A7F7978B21A6F65E','PN','D40D0FEF9C8DC624','PO','355CBEC355C10FEF' ,'POA','2AB40F104D8517A0','POLLY','ABC770C112D23DBE','POM','123CF56 E05D4EF3C','PON','582090FD3CC44DA3','PORTAL','A96255A27EC33614','P ORTAL_APP','831A79AFB0BD29EC','PORTAL_DEMO','A0A3A6A577A931A 3','PORTAL_PUBLIC','70A9169655669CE8','PORTAL30','969F9C3839672C6D ','PORTAL30_DEMO','CFD1302A7F832068','PORTAL30_PUBLIC','420682016 13CA6E2','PORTAL30_SSO','882B80B587FCDBC8','PORTAL30_SSO_PS','F2 C3DC8003BC90F8','PORTAL30_SSO_PUBLIC','98741BDA2AC7FFB2','POS',' 6F6675F272217CF7','PPM1','AA4AE24987D0E84B','PPM2','4023F995FF78077 C','PPM3','12F56FADDA87BBF9','PPM4','84E17CB7A3B0E769','PPM5','804C1 59C660F902C','PRISTB733','1D1BCF8E03151EF5','PRISTCTL','78562A983A2 F78FB','PRISTDTA','3FCBC379C8FE079C','PRODB733','9CCD49EB30CB80C 4','PRODCTL','E5DE2F01529AE93C','PRODDTA','2A97CD2281B256BA','PRO DUSER','752E503EFBF2C2CA','PROJMFG','34D61E5C9BC7147E','PRP','C1C4 328F8862BC16','PS','0AE52ADF439D30BD','PS810','90C0BEC7CA10777E','PS 810CTL','D32CCE5BDCD8B9F9','PS810DTA','AC0B7353A58FC778','PS811',' B5A174184403822F','PS811CTL','18EDE0C5CCAE4C5A','PS811DTA','796154 7C7FB96920','PS812','39F0304F007D92C8','PS812CTL','E39B1CE3456ECBE5', 'PS812DTA','3780281C933FE164','PSA','FF4B266F9E61F911','PSB','28EE1E02 4FC55E66','PSBASS','F739804B718D4406','PSEM','40ACD8C0F1466A57','PSF T','7B07F6F3EC08E30D','PSFTDBA','E1ECD83073C4E134','PSP','4FE07360D4 35E2F0','PTADMIN','4C35813E45705EBA','PTCNE','463AEFECBA55BEE8','P TDMO','251D71390034576A','PTE','380FDDB696F0F266','PTESP','5553404C1 3601916','PTFRA','A360DAD317F583E3','PTG','7AB0D62E485C9A3D','PTGE R','C8D1296B4DF96518','PTJPN','2159C2EAF20011BF','PTUKE','D0EF510BC B2992A3','PTUPG','2C27080C7CC57D06','PTWEB','8F7F509D4DC01DF6','PT WEBSERVER','3C8050536003278B','PUBLIC','','PV','76224BCC80895D3D','P Y7333','2A9C53FE066B852F','PY7334','F3BBFAE0DDC5F7AC','PY810','95082 D35E94B88C2','PY811','DC548D6438E4D6B7','PY812','99C575A55E9FDA63',' PY9','B8D4E503D0C4FCFD','QA','C7AEAA2D59EB1EAE','QOT','B27D0E5BA 4DC8DEA','QP','10A40A72991DCA15','QRM','098286E4200B22DE','QS','4603 BCD2744BDE4F','QS_ADM','3990FB418162F2A0','QS_CB','870C36D8E6CD7 CF5','QS_CBADM','20E788F9D4F1D92C','QS_CS','2CA6D0FC25128CF3','QS_ ES','9A5F2D9F5D1A9EF4','QS_OS','0EF5997DC2638A61','QS_WS','0447F2F7 56B4F460','RENE','9AAD141AB0954CF0','REPADMIN','915C93F34954F5F8',' REPORTS','0D9D14FE6653CF69','REPORTS_USER','635074B4416CD3AC','R ESTRICTED_US','E7E67B60CFAFBB2D','RG','0FAA06DA0F42F21F','RHX','F FDF6A0C8C96E676','RLA','C1959B03F36C9BB2','RLM','4B16ACDA351B557 D','RM1','CD43500DAB99F447','RM2','2D8EE7F8857D477E','RM3','1A95960A 95AC2E1D','RM4','651BFD4E1DE4B040','RM5','FDCC34D74A22517C','RMA N','E7B5D92911C831E1','ROB','94405F516486CA24','RPARKER','CEBFE4C41 BBCC306','RWA1','B07E53895E37DBBB','SALLYH','21457C94616F5716','SA M','4B95138CB6A4DB94','SARAHMANDY','60BE21D8711EE7D9','SCM1','50 7306749131B393','SCM2','CBE8D6FAC7821E85','SCM3','2B311B9CDC70F05 6','SCM4','1FDF372790D5A016','SCOTT','F894844C34402B67','SDAVIS','A9A 3B88C6A550559','SECDEMO','009BBE8142502E10','SEDWARDS','00A2EDF D7835BC43','SELLCM','8318F67F72276445','SELLER','B7F439E172D5C3D0',' SELLTREAS','6EE7BA85E9F84560','SERVICES','B2BE254B514118A5','SETU P','9EA55682C163B9A3','SH','54B253CBBAAA8C48','SI_INFORMTN_SCHE MA','84B8CBCA4D477FA3','SID','CFA11E6EBA79D33E','SKAYE','ED671B63 BDDB6B50','SKYTETSUKA','EB5DA777D1F756EC','SLSAA','99064FC6A2E4 BBE8','SLSMGR','0ED44093917BE294','SLSREP','847B6AAB9471B0A5','SRA BBITT','85F734E71E391DF5','SRALPHS','975601AA57CBD61A','SRAY','C233 B26CFC5DC643','SRIVERS','95FE94ADC2B39E08','SSA1','DEE6E1BEB962A A8B','SSA2','96CA278B20579E34','SSA3','C3E8C3B002690CD4','SSC1','4F7A C652CC728980','SSC2','A1350B328E74AE87','SSC3','EE3906EC2DA586D8','S SOSDK','7C48B6FF3D54D006','SSP','87470D6CE203FB4D','SSS1','E78C515C3 1E83848','SUPPLIER','2B45928C2FE77279','SVM7333','04B731B0EE953972',' SVM7334','62E2A2E886945CC8','SVM810','0A3DCD8CA3B6ABD9','SVM811' ,'2B0CD57B1091C936','SVM812','778632974E3947C9','SVM9','552A60D8F844 41F1','SVMB733','DD2BFB14346146FE','SVP1','F7BF1FFECE27A834','SY810', 'D56934CED7019318','SY811','2FDC83B401477628','SY812','812B8D7211E7D EF1','SY9','3991E64C4BC2EC5D','SYS','43CA255A7916ECFE','SYS7333','D7C DB3124F91351E','SYS','5638228DAF52805F','SYS7334','06959F7C9850F1E3',' SYS','D4C5016086B2DC6A','SYSADMIN','DC86E8DEAA619C1A','SYSB733',' 7A7F5C90BEC02F0E','SYSMAN','EB258E708132DD2D','SYSTEM','4D27CA6 E3E3066E6','TDEMARCO','CAB71A14FA426FAE','SYSTEM','D4DF7931AB1 30E37','TDOS_ICSAP','7C0900F751723768','TESTCTL','205FA8DF03A1B0A6' ,'TESTDTA','EEAF97B5F20A3FA3','TRA1','BE8EDAE6464BA413','TRACESV R','F9DA8977092B7B81','TRBM1','B10ED16CD76DBB60','TRCM1','530E1F53 715105D0','TRDM1','FB1B8EF14CF3DEE7','TRRM1','4F29D85290E62EBE','T WILLIAMS','6BF819CE663B8499','UDDISYS','BF5E56915C3E1C64','VEA','D 38D161C22345902','VEH','72A90A786AAE2914','VIDEO31','2FA72981199F9B 97','VIDEO4','9E9B1524C454EEDE','VIDEO5','748481CFF7BE98BB','VP1','3C E03CD65316DBC7','VP2','FCCEFD28824DFEC5','VP3','DEA4D8290AA247B2' ,'VP4','F4730B0FA4F701DC','VP5','7DD67A696734AE29','VP6','45660DEE495 34ADB','WAA1','CF013DC80A9CBEE3','WAA2','6160E7A17091741A','WCRS YS','090263F40B744BD8','WEBDB','D4C4DCDD41B05A5D','WEBSYS','54BA 0A1CB5994D64','WENDYCHO','7E628CDDF051633A','WH','91792EFFCB246 4F9','WIP','D326D25AE0A0355C','WIRELESS','1495D279640E6C3A','WK_TE ST','29802572EB547DBF','WIRELESS','EB9615631433603E','WKPROXY','AA 3CB2A4D9188DDB','WKSYS','545E13456B7DDEA0','WMS','D7837F182995E 381','WMSYS','7C9BA362F8314299','WPS','50D22B9D18547CF7','WSH','D4D7 6D217B02BD7A','WSM','750F2B109F49CC13','XDB','88D8364765FCE6AF','X DO','E9DDE8ACFA7FE8E4','XDP','F05E53C662835FA2','XLA','2A8ED59E27 D86D41','XLE','CEEBE966CC6A3E39','XNB','03935918FA35C993','XNC','BD8 EA41168F6C664','XNI','F55561567EF71890','XNM','92776EA17B8B5555','XN P','3D1FB783F96D1F5E','XNS','FABA49C38150455E','XTR','A43EE9629FA90 CAE','YCAMPOS','C3BBC657F099A10F','YSANCHEZ','E0C033C4C8CC9D84' ,'ZFA','742E092A27DDFB77','ZPB','CAF58375B6D06513','ZSA','AFD3BD3C79 87CBB6','ZX','7B06550956254585','FLOWS_030000','B5C7B17C2C983E8F','F LOWS_FILES','5CDD1E40E516FE6A','TSMSYS','3DF26A8B17D0F29F','ORA CLE_OCM','6D17CF1EB1611F94','OWBSYS','610A3C38F301776F','SPATIAL _CSW_ADMIN','093913703800E437','SPATIAL_WFS_ADMIN','32FA36DC78 1579AA','SPATIAL_CSW_ADMIN_USR','1B290858DD14107E','SPATIAL_W FS_ADMIN_USR','7117215D6BEE6E82','MGMT_VIEW','17028530E6D346B4' ,'APEX_PUBLIC_USER','C8E264D926F001D8','XS$NULL','DC4FCC8CB69A 6733',name);1000;1024 0 -1 true 0 false Inbound_connect_timeout Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[ \t]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[ ]*\([ ]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Timeout=`egrep -i "^[ \t]*inbound_connect_timeout_${listener}[ \t]*=" "$LstFile" 2>/dev/null | awk -F= '{print $2}' | sed 's/ //g'`; if [ -z "$Timeout" ] || [ $Timeout -eq 0 ]; then echo "The inbound_connect_timeout of $listener listener is equal to 0 or does not exist"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 900000 0 false Local And Network Advertised ORACLE_SID1=`awk -F":" '$1 !~ /^#/ && $3 ~ /^(N|Y)$/ {print $1}' /var/opt/oracle/oratab 2>/dev/null | sort -u | wc -l`; ORACLE_SID2=`awk -F":" '$1 !~ /^#/ && $3 ~ /^(N|Y)$/ {print $1}' /var/opt/oracle/oratab 2>/dev/null | wc -l`; if [ $ORACLE_SID1 -ne $ORACLE_SID2 ]; then echo "ORACLE SIDs are not unique in /var/opt/oracle/oratab"; fi 0 0 false Listener Configuration LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Listeners=`/bin/nawk '$0 !~ /^(#.*|[ \t]*)$/{Content = Content "#" $0 } END { gsub(/^#/,"",Content); gsub(/\=[ \t]*#/,"=",Content); gsub(/\([ \t]*#/,"(",Content); gsub(/#/,"\n",Content); print Content }' "$LstFile" 2>/dev/null | /bin/nawk -F= 'tolower($2) ~ /^[ \t]*\([ \t]*description/ {gsub(/[ \t]*/,"",$1); print toupper($1)}'`; if [ -n "$Listeners" ]; then for Listener in $Listeners; do Timeout=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*INBOUND_CONNECT_TIMEOUT_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; AdminRestrictions=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*ADMIN_RESTRICTIONS_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; DynamicRegistration=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*DYNAMIC_REGISTRATION_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; Logging=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*LOGGING_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; Passwords=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*PASSWORDS_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; SecureControl=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*SECURE_CONTROL_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; SecureProtocol=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*SECURE_PROTOCOL_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; SecureRegister=`/bin/nawk -F= '(toupper($1) ~ /^[ \t]*SECURE_REGISTER_'$Listener'[ \t]*$/){gsub(/[ \t]*/,"",$2); print $2}' "$LstFile" 2>/dev/null`; Entry="LISTENER=$Listener INBOUND_CONNECT_TIMEOUT=$Timeout ADMIN_RESTRICTIONS=$AdminRestrictions DYNAMIC_REGISTRATION=$DynamicRegistration LOGGING=$Logging PASSWORDS=$Passwords SECURE_CONTROL=$SecureControl SECURE_PROTOCOL=$SecureProtocol SECURE_REGISTER=$SecureRegister "; /bin/echo "$Entry"; done; else /bin/echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false SEC_USER_UNAUTHORIZED_ACCESS_BANNER cat "`awk -F"=" '$1 ~ /^[ \t]*SEC_USER_UNAUTHORIZED_ACCESS_BANNER[ \t]*$/ {print $2}' $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 2>/dev/null | sed 's/ //g'`" 2>/dev/null 0 0 false SEC_USER_AUDIT_ACTION_BANNER cat "`awk -F"=" '$1 ~ /^[ \t]*SEC_USER_AUDIT_ACTION_BANNER[ \t]*$/ {print $2}' $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 2>/dev/null | sed 's/ //g'`" 2>/dev/null 0 0 false Lock Oracle Software Owner Host Account Account="$(ORACLE_USER)"; lsuser -a rlogin login account_locked shell $Account 2>/dev/null 0 0 false ORACLE_HTTPSERVER_HOME Files Permissions ORACLE_HTTPSERVER_HOME="$(ORACLE_HTTPSERVER_HOME)"; ORACLE_DBA_GROUP="$(ORACLE_DBA_GROUP)"; ORACLE_USER="$(ORACLE_USER)"; if [ "$ORACLE_HTTPSERVER_HOME" = "Changeme" ]; then /bin/echo "ORACLE_HTTPSERVER_HOME is not configured"; else /usr/bin/find -L "$ORACLE_HTTPSERVER_HOME" \( -name ".htaccess" -o -name "dads.conf" \) -ls 2>/dev/null | /bin/awk '{ Result = $NF ":\tPermissions=" $3; if ($5 ~ /^'$ORACLE_USER'$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $5; } if ($6 ~ /^'$ORACLE_DBA_GROUP'$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $6; } print Result;}'; fi; 0 0 false SSLFIPS_140 Parameter ORACLE_HOME="$(UNIX_ORACLE_HOME)"; FIPS_HOME="$(FIPS_HOME)"; /bin/egrep -i "^[[:space:]]*SQLNET\.ENCRYPTION_SERVER[[:space:]]*=" "$ORACLE_HOME/network/admin/sqlnet.ora" 2>/dev/null; /bin/egrep -i "^[[:space:]]*SSLFIPS_140[[:space:]]*=" "$ORACLE_HOME/ldap/admin/fips.ora" "$FIPS_HOME/fips.ora" 2>/dev/null; 0 0 false Net Services ORACLE_HOME="$(UNIX_ORACLE_HOME)"; TnsFile="$ORACLE_HOME/network/admin/tnsnames.ora"; Content=`sed 's/#.*//g' "$TnsFile" 2>/dev/null | egrep -v "^[[:space:]]*$" | tr '\t' ' ' | tr '\n' '#'`; NetServiceNames=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | sed 's/) *#/)/g' | tr '#' '\n' | awk -F= '$2 ~ /^[[:space:]]*\([[:space:]]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$NetServiceNames" ]; then /bin/echo "$NetServiceNames"; fi; 0 0 false Umask 022 Before Installing ORACLE_HOME="$(UNIX_ORACLE_HOME)"; /usr/bin/find -L "$ORACLE_HOME" \( -perm -o=w -o -perm -g=w \) -ls | /bin/awk '{ FileName=substr($0,index($0,"/")); gsub(/\/\//,"/",FileName); print $3, $5, $6, FileName}' 2>/dev/null 0 0 false cwallet.sso Files WALLET_LOCATION="$(WALLET_LOCATION)"; if [ "$WALLET_LOCATION" = "Changeme" ]; then /bin/echo "The WALLET_LOCATION global variable is not configured"; else WalletPath=`/usr/bin/find -L "$WALLET_LOCATION" -name "cwallet.sso" 2>/dev/null`; if [ -z "$WalletPath" ]; then /bin/echo "The cwallet.sso file does not exist."; else /bin/echo "$WalletPath"; fi; fi; 0 0 false XSQLConfig.xml Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; ORACLE_DBA_GROUP="$(ORACLE_DBA_GROUP)"; ORACLE_USER="$(ORACLE_USER)"; /usr/bin/find -L "$ORACLE_HOME" -name "XSQLConfig.xml" -ls 2>/dev/null | /bin/awk '{ Result = $NF ":\tPermissions=" $3; if ($5 ~ /^'$ORACLE_USER'$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $5; } if ($6 ~ /^'$ORACLE_DBA_GROUP'$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $6; } print Result;}'; 0 0 false Oracle Directories and Files Permissions /bin/ls -ldL $(UNIX_ORACLE_HOME)/bin/* $(UNIX_ORACLE_HOME)/* $(UNIX_ORACLE_HOME)/dbs/* $(UNIX_ORACLE_HOME)/network/admin/* $(UNIX_ORACLE_HOME)/network/security/* 2>/dev/null | /bin/awk '{ Result = $NF ":\tPermissions=" $1; if ($3 ~ /^$(ORACLE_USER)$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $3; } if ($4 ~ /^$(ORACLE_DBA_GROUP)$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $4; } print Result;}' 0 0 false Referenced Files Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; ORACLE_SID="$(ORACLE_SID)"; Result=""; if [ -e "${ORACLE_HOME}/dbs/spfile${ORACLE_SID}.ora" ]; then InitFile="${ORACLE_HOME}/dbs/spfile${ORACLE_SID}.ora"; elif [ -e "${ORACLE_HOME}/dbs/spfile.ora" ]; then InitFile="${ORACLE_HOME}/dbs/spfile.ora"; elif [ -e "${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora" ]; then InitFile="${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora"; else /bin/echo "Could not determine the location of init.ora file"; fi; if [ -n "$InitFile" ]; then SavedIFS=$IFS; IFS=`/bin/echo "\n\b"`; InitParams=`/usr/bin/strings "$InitFile" 2>/dev/null | /bin/awk '/^\*/{ content = $0; eof = getline; while(eof==1){ if($0 ~ /^\*/){ content = content "\n" $0; }else{ content= content $0; }; eof=getline;}; print content;}'`; IFiles=`/bin/echo "$InitParams" | /bin/awk -F "=" 'tolower($1) ~ /ifile/{gsub(/\047/,"",$2); print $2}'`; for IFile in $IFiles; do IFilePermissions=`/bin/ls -ldL "$IFile" 2>/dev/null`; if [ -n "$IFilePermissions" ]; then Result=$Result"\nIFILE: $IFilePermissions"; fi; done; Audit_File_Dest=`/bin/echo "$InitParams" | /bin/awk -F "=" 'tolower($1) ~ /audit_file_dest/{gsub(/\047/,"",$2); print $2}'`; if [ -n "$Audit_File_Dest" ]; then AuditPermissions=`/bin/ls -ldL "$Audit_File_Dest" 2>/dev/null`; if [ -n "$AuditPermissions" ]; then Result=$Result"\nAUDIT_FILE_DEST: $AuditPermissions"; fi; fi; Diagnostic_Dest=`/bin/echo "$InitParams" | /bin/awk -F "=" 'tolower($1) ~ /diagnostic_dest/{gsub(/\047/,"",$2); print $2}'`; if [ -n "$Diagnostic_Dest" ]; then DiagnosticPermissions=`/bin/ls -ldL "$Diagnostic_Dest" 2>/dev/null`; if [ -n "$DiagnosticPermissions" ]; then Result=$Result"\nDIAGNOSTIC_DEST: $DiagnosticPermissions"; fi; fi; Control_Files=`/bin/echo "$InitParams" | /bin/awk -F "=" 'tolower($1) ~ /control_files/{gsub(/\047/,"",$2); gsub(/,/,"\n",$2); print $2}'`; for Control_File in $Control_Files; do ControlPermissions=`/bin/ls -ldL "$Control_File" 2>/dev/null`; if [ -n "$ControlPermissions" ]; then Result=$Result"\nCONTROL_FILE: $ControlPermissions"; fi; done; Log_Archive_Dests=`/bin/echo "$InitParams" | /bin/awk -F "=" 'tolower($1) ~ /log_archive_dest_[0-9]+/{gsub(/\047/,"",$0); match(tolower($0),/location=(".+"|[[:graph:]]+)/); FileName=substr($0,RSTART,RLENGTH); split(FileName,arr,"="); gsub(/"/,"",arr[2]); print arr[2]}'`; if [ -n "$Log_Archive_Dests" ]; then for Log_Archive_Dest in $Log_Archive_Dests; do LogPermissions=`/bin/ls -ldL "$Log_Archive_Dest" 2>/dev/null`; if [ -n "$LogPermissions" ]; then Result=$Result"\nLOG_ARCHIVE_DEST_LOCATION: $LogPermissions"; else /bin/echo "LOG_ARCHIVE_DEST_LOCATION: $Log_Archive_Dest: Directory does not exist."; fi; done; fi; fi; /bin/echo "$Result" | /bin/awk '{ if ($4 ~ /^$(ORACLE_USER)$/){ $4="ORACLE_SOFTWARE_OWNER"; } if ($5 ~ /^$(ORACLE_DBA_GROUP)$/){ $5 = "ORACLE_DBA_GROUP"; }}{print $1,$2,$4,$5,substr($0,index($0,"/"))}'; IFS="$SavedIFS"; 0 0 false Referenced Files Permissions SqlnetFile="$(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora"; Result=""; Parameters="LOG_DIRECTORY_CLIENT LOG_DIRECTORY_SERVER TRACE_DIRECTORY_CLIENT TRACE_DIRECTORY_SERVER"; for Parameter in $Parameters; do Directory=`/bin/awk -F "=" 'toupper($1) ~ /^[[:space:]]*'$Parameter'[[:space:]]*$/{gsub(/[[:space:]]+/,"",$2); gsub(/#.*/,"",$2); print $2}' "$SqlnetFile" 2>/dev/null`; if [ -n "$Directory" ]; then Permissions=`/bin/ls -ldL "$Directory" 2>/dev/null | /bin/awk '{print $NF,$1,$3,$4}'`; if [ -n "$Permissions" ]; then Result=$Result"\n$Parameter: $Permissions"; fi; fi;done; /bin/echo "$Result" | /bin/awk '{ if ($4 ~ /^$(ORACLE_USER)$/){ $4="ORACLE_SOFTWARE_OWNER"; } if ($5 ~ /^$(ORACLE_DBA_GROUP)$/){ $5 = "ORACLE_DBA_GROUP"; }}{print}'; 0 0 false Referenced Files Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; Result=""; LstFile="${ORACLE_HOME}/network/admin/listener.ora"; Listeners=`/bin/awk '$0 !~ /^(#.*|[[:space:]]*)$/{Content = Content "#" $0 } END { gsub(/^#/,"",Content); gsub(/\=[[:space:]]*#/,"=",Content); gsub(/\([[:space:]]*#/,"(",Content); gsub(/#/,"\n",Content); print Content }' "$LstFile" 2>/dev/null | /bin/awk -F= 'tolower($2) ~ /^[[:space:]]*\([[:space:]]*description/ {gsub(/[[:space:]]*/,"",$1); print tolower($1)}'`; if [ -n "$Listeners" ]; then for Listener in $Listeners; do ADRDisabled=`/bin/egrep -i "^[[:space:]]*diag_adr_enabled_${Listener}[[:space:]]*=[[:space:]]*OFF[[:space:]]*$" "$LstFile" 2>/dev/null`; if [ -z "$ADRDisabled" ]; then continue; fi; LogDirectory=`/bin/awk -F= '(tolower($1) ~ /^[[:space:]]*log_directory_'$Listener'[[:space:]]*$/){gsub(/^[[:space:]]*|[[:space:]]*$|\"/,"",$2); print $2}' "$LstFile" 2>/dev/null`; if [ -z "$LogDirectory" ]; then LogDirectory="${ORACLE_HOME}/network/log"; fi; LogFile=`/bin/awk -F= '(tolower($1) ~ /^[[:space:]]*log_file_'$Listener'[[:space:]]*$/){gsub(/^[[:space:]]*|[[:space:]]*$|\"/,"",$2); if ($2 !~ /\.log$/) {print $2 ".log"} else {print $2}}' "$LstFile" 2>/dev/null`; if [ -z "$LogFile" ]; then LogFile="${Listener}.log"; fi; LogFilePermissions=`/bin/ls -ldL "$LogDirectory/$LogFile" 2>/dev/null | /bin/awk '{print $1,$3,$4, substr($0,index($0,"/"))}'`; if [ -n "$LogFilePermissions" ]; then Result=$Result"\nLOG_FILE_${Listener}: $LogFilePermissions"; fi; TraceDirectory=`/bin/awk -F= '(tolower($1) ~ /^[[:space:]]*trace_directory_'$Listener'[[:space:]]*$/){gsub(/^[[:space:]]*|[[:space:]]*$|\"/,"",$2); print $2}' "$LstFile" 2>/dev/null`; if [ -z "$TraceDirectory" ]; then TraceDirectory="${ORACLE_HOME}/network/trace"; fi; TraceDirectoryPermissions=`/bin/ls -ldL "$TraceDirectory" 2>/dev/null | /bin/awk '{print $1,$3,$4,substr($0,index($0,"/"))}'`; if [ -n "$TraceDirectoryPermissions" ]; then Result=$Result"\nTRACE_DIRECTORY_${Listener}: $TraceDirectoryPermissions"; fi; TraceFile=`/bin/awk -F= '(tolower($1) ~ /^[[:space:]]*trace_file_'$Listener'[[:space:]]*$/){gsub(/^[[:space:]]*|[[:space:]]*$|\"/,"",$2); if ($2 !~ /\.trc$/) {print $2 ".trc"} else {print $2}}' "$LstFile" 2>/dev/null`; if [ -z "$TraceFile" ]; then TraceFile="${Listener}.trc"; fi; TraceFilePermissions=`/bin/ls -ldL "$TraceDirectory/$TraceFile" 2>/dev/null | /bin/awk '{print $1,$3,$4,substr($0,index($0,"/"))}'`; if [ -n "$TraceFilePermissions" ]; then Result=$Result"\nTRACE_FILE_${Listener}: $TraceFilePermissions"; fi; done; fi; /bin/echo "$Result" | /bin/awk '{ if ($3 ~ /^$(ORACLE_USER)$/){ $3="ORACLE_SOFTWARE_OWNER"; } if ($4 ~ /^$(ORACLE_DBA_GROUP)$/){ $4 = "ORACLE_DBA_GROUP"; }}{print}'; 0 0 false Oracle Home File Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; /bin/ls -ldL $ORACLE_HOME/* 2>/dev/null | /bin/egrep -v "$ORACLE_HOME/bin(/|$)" | /bin/awk '{ Result = $NF ":\tPermissions=" $1; if ($3 ~ /^$(ORACLE_USER)$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $3; } if ($4 ~ /^$(ORACLE_DBA_GROUP)$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $4; } print Result;}' 0 0 false init.ora Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; ORACLE_SID="$(ORACLE_SID)"; if [ -e "${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora" ]; then InitFile="${ORACLE_HOME}/dbs/init${ORACLE_SID}.ora"; elif [ -e "${ORACLE_HOME}/dbs/init.ora" ]; then InitFile="${ORACLE_HOME}/dbs/init.ora"; else /bin/echo "Could not determine the location of init.ora file"; fi; /bin/ls -ldL "$InitFile" 2>/dev/null | /bin/awk '{ Result = $NF ":\tPermissions=" $1; if ($3 ~ /^$(ORACLE_USER)$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $3; } if ($4 ~ /^$(ORACLE_DBA_GROUP)$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $4; } print Result;}' 0 0 false spfile.ora Permissions ORACLE_HOME="$(UNIX_ORACLE_HOME)"; ORACLE_SID="$(ORACLE_SID)"; if [ -e "${ORACLE_HOME}/dbs/spfile${ORACLE_SID}.ora" ]; then Spfile="${ORACLE_HOME}/dbs/spfile${ORACLE_SID}.ora"; elif [ -e "${ORACLE_HOME}/dbs/spfile.ora" ]; then Spfile="${ORACLE_HOME}/dbs/spfile.ora"; else /bin/echo "Could not determine the location of spfile.ora file"; fi; /bin/ls -ldL "$Spfile" 2>/dev/null | /bin/awk '{ Result = $NF ":\tPermissions=" $1; if ($3 ~ /^$(ORACLE_USER)$/){ Result = Result "\tOwner=ORACLE_SOFTWARE_OWNER"; }else{ Result = Result "\tOwner=" $3; } if ($4 ~ /^$(ORACLE_DBA_GROUP)$/){ Result = Result "\tGroup=ORACLE_DBA_GROUP"; }else{ Result = Result "\tGroup=" $4; } print Result;}' 0 9i/10g 0 false Query=Redo logs;;select COUNT(GROUP#) from V$LOG where MEMBERS > 1;1000;1024 0 -1 true 0 false Query=Check Archive Log Mode;;SELECT DECODE(log_mode,'NOARCHIVELOG','FAIL','ARCHIVELOG','PASS','ERROR - UNHANDLED VALUE') test FROM v$database;1000;1024 0 -1 true 0 false Password Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[ \t]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[ ]*\([ ]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Password=`egrep -i "^[ \t]*PASSWORDS_${listener}[ \t]*=" "$LstFile" 2>/dev/null`; if [ -z "$Password" ]; then echo "The $listener listener is not set a password"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Inbound_connect_timeout LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[ \t]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[ ]*\([ ]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Timeout=`egrep -i "^[ \t]*inbound_connect_timeout_${listener}[ \t]*=" "$LstFile" 2>/dev/null | awk -F= '{print $2}' | sed 's/ //g'`; if [ -z "$Timeout" ] || ([ $Timeout != 1 ] && [ $Timeout != 2 ]); then echo "The inbound_connect_timeout of $listener listener is not set to 1 or 2"; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi; 0 0 false Logging Listener LstFile="$(UNIX_ORACLE_HOME)/network/admin/listener.ora"; Content=`sed 's/#.*//g' "$LstFile" 2>/dev/null | egrep -v "^[ \t]*$" | tr '\t' ' ' | tr '\n' '#'`; Listeners=`echo $Content | sed 's/= *#/=/g' | sed 's/( *#/(/g' | tr '#' '\n' | awk -F= '$2 ~ /^[ ]*\([ ]*[Dd][Ee][Ss][Cc][Rr][Ii][Pp][Tt][Ii][Oo][Nn]/ {print $1}' | sed 's/^ *//g' | sed 's/ *$//g'`; if [ -n "$Listeners" ]; then for listener in $Listeners; do Logging=`egrep -i "^[ \t]*Logging_${listener}[ \t]*=[ \t]*off[ \t]*($|\#)" "$LstFile" 2>/dev/null`; if [ "$Logging" ]; then echo "The $listener listener is not enable logging."; fi; done; else echo "$LstFile does not have any listener or does not exist"; fi 0 0 false Query=Default Accounts;;select USERNAME from DBA_USERS where ACCOUNT_STATUS not like '%LOCKED%' and USERNAME in ( 'ANONYMOUS', 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'LBACSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SCOTT', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN', 'SYSTEM', 'WKPROXY', 'WKSYS', 'WK_TEST', 'WMSYS', 'XDB' ) Order by USERNAME;1000;1024 0 -1 true 9i/10g 0 false Query=Do not use nologging;;SELECT ROWNUM from (SELECT null from DBA_TABLES where LOGGING='NO' and TEMPORARY!='Y' union SELECT null from DBA_TABLESPACES where LOGGING='NOLOGGING' and TABLESPACE_NAME!='TEMP');1000;1024 0 -1 true Query=Access to database objects by a fixed user link;;select DB_LINK from DBA_DB_LINKS where USERNAME is not null Order By DB_LINK;1000;1024 0 -1 true Query=Users should not have execute;;select * from DBA_POLICIES dp where exists (select null from DBA_OBJECTS do, DBA_TAB_PRIVS dtp where do.OBJECT_TYPE = 'PACKAGE' and do.OBJECT_NAME = dp.PACKAGE and dtp.TABLE_NAME = do.OBJECT_NAME and dtp.PRIVILEGE in ('EXECUTE','ALTER','DROP') and dtp.GRANTEE not in ('ANONYMOUS', 'BI', 'CTXSYS', 'DBSNMP', 'DIP', 'DMSYS', 'EXFSYS', 'HR', 'IX', 'MDDATA', 'MDSYS', 'MGMT_VIEW', 'OE', 'OLAPSYS', 'ORDPLUGINS', 'ORDSYS', 'OUTLN', 'PM', 'SH', 'SI_INFORMTN_SCHEMA', 'SYS', 'SYSMAN' ) ) Order by OBJECT_OWNER;1000;1024 0 -1 true Using only for Oracle 9i policies 0 false Query=Audit for unsuccessful attempts;;select ROWNUM from (select null from DBA_STMT_AUDIT_OPTS where SUCCESS != 'BY ACCESS' or FAILURE != 'BY ACCESS' union select null from DBA_PRIV_AUDIT_OPTS where SUCCESS != 'BY ACCESS' or FAILURE != 'BY ACCESS' union select null from DBA_OBJ_AUDIT_OPTS where ALT not like '%/A' or AUD not like '%/A' or COM not like '%/A' or DEL not like '%/A' or GRA not like '%/A' or IND not like '%/A' or INS not like '%/A' or LOC not like '%/A' or REN not like '%/A' or SEL not like '%/A' or UPD not like '%/A');1000;1024 0 -1 true Query=Where appropriate or required by security or legal requirements;;select ROWNUM from (select null from DBA_AUDIT_POLICIES union select null from DBA_FGA_AUDIT_TRAIL);1000;1024 0 -1 true Query=Set AUDIT ALL ON SYS.AUD$ BY ACCESS;;select ROWNUM from DBA_OBJ_AUDIT_OPTS where OWNER = 'SYS' and OBJECT_NAME = 'AUD$' and ALT='A/A' and AUD='A/A' and COM='A/A' and DEL='A/A' and GRA='A/A' and IND='A/A' and INS='A/A' and LOC='A/A' and REN='A/A' and SEL='A/A' and UPD='A/A';1000;1024 0 -1 true 100 false /u00/app/oracle/admin/.profile 10000 -1 true 1 true 0 false Oracle Software Owner Information Account="$(ORACLE_USER)"; IsTrusted=`/usr/lbin/getprdef -m alock 2>/dev/null`; IsExisted=`/bin/egrep "^$Account:" /etc/passwd 2>/dev/null`; if [ -n "$IsExisted" ]; then InitialChar=`/bin/echo "$Account" | /usr/bin/cut -c 1`; PasswordFile="/tcb/files/auth/$InitialChar/$Account"; if [ -z "$IsTrusted" ]; then AdminLocked=YES; PasswordLocked=`/bin/egrep "^$Account:\*((LK|NP)\*)*:" /etc/shadow 2>/dev/null`; if [ -n "$PasswordLocked" ]; then PasswordLocked=YES; else PasswordLocked=NO; fi; else AdminLocked=`/usr/lbin/getprpw -r -m alock $Account 2>/dev/null`; PasswordLocked=`/usr/lbin/getprpw -r -m lockout $Account 2>/dev/null | /bin/cut -c 7`; if [ "$PasswordLocked" = "1" ]; then PasswordLocked=YES; else PasswordLocked=NO; fi; fi; /bin/echo "$Account: PasswordLocked=$PasswordLocked AdminLocked=$AdminLocked"; else /bin/echo "Oracle software owner [$Account] account does not exist in /etc/passwd file"; fi; 0 0 false Inbound_connect_timeout Listener echo on error resume next > %TEMP%\ICTimeout.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\ICTimeout.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\ICTimeout.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\ICTimeout.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\ICTimeout.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\ICTimeout.vbs & echo WScript.Quit >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\ICTimeout.vbs & echo line = objFile.ReadLine >> %TEMP%\ICTimeout.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\ICTimeout.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo line = Trim(line) >> %TEMP%\ICTimeout.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\ICTimeout.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\ICTimeout.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\ICTimeout.vbs & echo lines = lines ^& line >> %TEMP%\ICTimeout.vbs & echo Else >> %TEMP%\ICTimeout.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo PreviousLine=line >> %TEMP%\ICTimeout.vbs & echo Loop >> %TEMP%\ICTimeout.vbs & echo objFile.Close >> %TEMP%\ICTimeout.vbs & echo Set objRE = New RegExp >> %TEMP%\ICTimeout.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\ICTimeout.vbs & echo objRE.IgnoreCase = True >> %TEMP%\ICTimeout.vbs & echo objRE.Global = True >> %TEMP%\ICTimeout.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\ICTimeout.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\ICTimeout.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\ICTimeout.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\ICTimeout.vbs & echo For Each match In objMatch >> %TEMP%\ICTimeout.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\ICTimeout.vbs & echo objRE.Pattern = "inbound_connect_timeout_" ^& ListenerName ^& "=(\d+)" >> %TEMP%\ICTimeout.vbs & echo Timeout =0 >> %TEMP%\ICTimeout.vbs & echo Set inboundMatch = objRE.Execute(lines) >> %TEMP%\ICTimeout.vbs & echo If inboundMatch.count ^> 0 Then >> %TEMP%\ICTimeout.vbs & echo Timeout = inboundMatch.item(0).submatches(0) >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo If (Timeout ^<^> 1) And (Timeout ^<^> 2) Then >> %TEMP%\ICTimeout.vbs & echo WScript.Echo "The inbound_connect_timeout of " ^& ListenerName ^& " listener is not set to 1 or 2" >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo Next >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & echo If (ListenerName = "") Then >> %TEMP%\ICTimeout.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\ICTimeout.vbs & echo End If >> %TEMP%\ICTimeout.vbs & %windir%\system32\cscript /nologo %TEMP%\ICTimeout.vbs & del %TEMP%\ICTimeout.vbs 0 0 false Admin Restrictions Listener echo on error resume next > %TEMP%\AdminRestrictions.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\AdminRestrictions.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\AdminRestrictions.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\AdminRestrictions.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\AdminRestrictions.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\AdminRestrictions.vbs & echo WScript.Quit >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\AdminRestrictions.vbs & echo line = objFile.ReadLine >> %TEMP%\AdminRestrictions.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\AdminRestrictions.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & echo line = Trim(line) >> %TEMP%\AdminRestrictions.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\AdminRestrictions.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\AdminRestrictions.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\AdminRestrictions.vbs & echo lines = lines ^& line >> %TEMP%\AdminRestrictions.vbs & echo Else >> %TEMP%\AdminRestrictions.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & echo PreviousLine=line >> %TEMP%\AdminRestrictions.vbs & echo Loop >> %TEMP%\AdminRestrictions.vbs & echo objFile.Close >> %TEMP%\AdminRestrictions.vbs & echo Set objRE = New RegExp >> %TEMP%\AdminRestrictions.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\AdminRestrictions.vbs & echo objRE.IgnoreCase = True >> %TEMP%\AdminRestrictions.vbs & echo objRE.Global = True >> %TEMP%\AdminRestrictions.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\AdminRestrictions.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\AdminRestrictions.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\AdminRestrictions.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\AdminRestrictions.vbs & echo For Each match In objMatch >> %TEMP%\AdminRestrictions.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\AdminRestrictions.vbs & echo If (InStr(1,lines, "ADMIN_RESTRICTIONS_" ^& ListenerName ^& "=on", VBTextCompare) = 0) Then >> %TEMP%\AdminRestrictions.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set an admin_restrictions to on" >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & echo Next >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & echo If (ListenerName = "") Then >> %TEMP%\AdminRestrictions.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\AdminRestrictions.vbs & echo End If >> %TEMP%\AdminRestrictions.vbs & %windir%\system32\cscript /nologo %TEMP%\AdminRestrictions.vbs & del %TEMP%\AdminRestrictions.vbs 0 0 false Logging Listener echo on error resume next > %TEMP%\Logging.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\Logging.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\Logging.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\Logging.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\Logging.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\Logging.vbs & echo WScript.Quit >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\Logging.vbs & echo line = objFile.ReadLine >> %TEMP%\Logging.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\Logging.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & echo line = Trim(line) >> %TEMP%\Logging.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\Logging.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\Logging.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\Logging.vbs & echo lines = lines ^& line >> %TEMP%\Logging.vbs & echo Else >> %TEMP%\Logging.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & echo PreviousLine=line >> %TEMP%\Logging.vbs & echo Loop >> %TEMP%\Logging.vbs & echo objFile.Close >> %TEMP%\Logging.vbs & echo Set objRE = New RegExp >> %TEMP%\Logging.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\Logging.vbs & echo objRE.IgnoreCase = True >> %TEMP%\Logging.vbs & echo objRE.Global = True >> %TEMP%\Logging.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\Logging.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\Logging.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\Logging.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\Logging.vbs & echo For Each match In objMatch >> %TEMP%\Logging.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\Logging.vbs & echo If (InStr(1,lines, "Logging_" ^& ListenerName ^& "=off", VBTextCompare) ^<^> 0) Then >> %TEMP%\Logging.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not enable logging." >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & echo Next >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & echo If (ListenerName = "") Then >> %TEMP%\Logging.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\Logging.vbs & echo End If >> %TEMP%\Logging.vbs & %windir%\system32\cscript /nologo %TEMP%\Logging.vbs & del %TEMP%\Logging.vbs 0 0 false Password Listener echo on error resume next > %TEMP%\PasswordListener.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\PasswordListener.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\PasswordListener.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\PasswordListener.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\PasswordListener.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\PasswordListener.vbs & echo WScript.Quit >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\PasswordListener.vbs & echo line = objFile.ReadLine >> %TEMP%\PasswordListener.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\PasswordListener.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & echo line = Trim(line) >> %TEMP%\PasswordListener.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\PasswordListener.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\PasswordListener.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\PasswordListener.vbs & echo lines = lines ^& line >> %TEMP%\PasswordListener.vbs & echo Else >> %TEMP%\PasswordListener.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & echo PreviousLine=line >> %TEMP%\PasswordListener.vbs & echo Loop >> %TEMP%\PasswordListener.vbs & echo objFile.Close >> %TEMP%\PasswordListener.vbs & echo Set objRE = New RegExp >> %TEMP%\PasswordListener.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\PasswordListener.vbs & echo objRE.IgnoreCase = True >> %TEMP%\PasswordListener.vbs & echo objRE.Global = True >> %TEMP%\PasswordListener.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\PasswordListener.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\PasswordListener.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\PasswordListener.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\PasswordListener.vbs & echo For Each match In objMatch >> %TEMP%\PasswordListener.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\PasswordListener.vbs & echo If (InStr(1,lines, "passwords_" ^& ListenerName ^& "=", VBTextCompare) = 0) Then >> %TEMP%\PasswordListener.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set a password" >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & echo Next >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & echo If (ListenerName = "") Then >> %TEMP%\PasswordListener.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\PasswordListener.vbs & echo End If >> %TEMP%\PasswordListener.vbs & %windir%\system32\cscript /nologo %TEMP%\PasswordListener.vbs & del %TEMP%\PasswordListener.vbs 0 0 false dat Files dir /B $(WINDOWS_ORACLE_DB_HOME)\otrace\admin\*.dat 0 0 false Windows_directory_permissions echo @echo off > %temp%\CIS_Oracle_Win.bat & echo set str=$(WINDOWS_ORACLE_DB_BASE) >> %temp%\CIS_Oracle_Win.bat & echo set str=%str:~0,3% >> %temp%\CIS_Oracle_Win.bat & echo cacls %str% ^| find /I "BUILTIN\Administrators:" >> %temp%\CIS_Oracle_Win.bat & echo cacls %str% ^| find /I "NT AUTHORITY\SYSTEM:" >> %temp%\CIS_Oracle_Win.bat & echo cacls %str% ^| find /I "Everyone:" >> %temp%\CIS_Oracle_Win.bat & %temp%\CIS_Oracle_Win.bat & del %temp%\CIS_Oracle_Win.bat 0 0 false Windows_Program_Files_Permissions echo @echo off > %temp%\CIS_Oracle_Win.bat & echo set str=%ProgramFiles%\oracle >> %temp%\CIS_Oracle_Win.bat & echo cacls "%str%" >> %temp%\CIS_Oracle_Win.bat & %temp%\CIS_Oracle_Win.bat & del %temp%\CIS_Oracle_Win.bat 0 0 false $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\sqlnet.ora 0 -1 true 1 $(WINDOWS_ORACLE_DB_HOME)\hs\admin\extproc.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\ldap\admin\fips.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\rdbms\admin\externaljob.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\network\admin\cman.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\bin\dbsnmp.exe 0 0 false 1 $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\tnsnames.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora 0 0 true 1 $(WINDOWS_ORACLE_DB_BASE) 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\bin\tkprof.exe 0 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\bin\extproc.exe 0 0 true 1 $(WINDOWS_ORACLE_IAS_HOME)\sysman\config\emoms.properties 0 0 true 1 WINDOWS_ORACLE_DB_HOME located beneath ORACLE_BASE is where the oracle products reside. Eg: C:\oracle\ora92 (this applies for Window platform) 1 Stream Count SHA-1 Stream SHA-1 Size 2 Stream Count Stream SHA-1 1 DACL Group Stream Count SACL SHA-1 Stream SHA-1 Size Read-Only Owner 2 DACL Group Stream Count SACL Stream SHA-1 Read-Only Owner WINDOWS_ORACLE_DB_BASE is a directory in which Oracle products are installed on Window platform. Eg: C:\oracle WINDOWS_ORACLE_IAS_HOME located beneath WINDOWS_ORACLE_DB_HOME, that provides a key piece of the infrastructure necessary for us to bring our Oracle databases to the Web. Eg: C:\oracle\product\10.2.0\db_1\vertigo.auto.tripwire.com_qa10g 0 false $(WINDOWS_ORACLE_DB_HOME)\network\agent 0 0 true 1 0 false HKEY_LOCAL_MACHINE 0 0 true 1 HKEY_LOCAL_MACHINE\\SOFTWARE\\ORACLE 0 -1 true 1 OSAUTH_PREFIX_DOMAIN ORACLE_SID USE_SHARED_SOCKET HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\ProductOptions|ProductType 0 0 true 1 1 SHA-1 Size Data Type 2 DACL Group SACL Owner 1 SHA-1 Size Data Type 0 false Windows_admin_account C:\windows\system32\wbem\wmic useraccount where Name='Administrator' GET Name /value 0 0 false HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\OracleOraDb10g_home1iSQL*Plus|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Alerter|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\ClipSrv|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Browser|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Dhcp|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Fax|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\LicenseService|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\dmadmin|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Messenger|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\mnmsrvc|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NetDDE|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NetDDEdsdm|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Spooler|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\RasAuto|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\RasMan|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\NtmsSvc|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\ScardSvr|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\TapiSrv|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\TlntSvr|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\MSIServer|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\lanmanworkstation|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Dfs|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\ScardDrv|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\RemoteRegistry|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\PolicyAgent|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\OracleOraHome92HTTPServer|Start 0 0 true 1 HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\seclogon|Start 0 0 true 1 0 false Inbound_connect_timeout Listener echo on error resume next > %systemdrive%\ICTimeout.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" > %systemdrive%\ICTimeout.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %systemdrive%\ICTimeout.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %systemdrive%\ICTimeout.vbs & echo If (Err.Number ^<^> 0) Then >> %systemdrive%\ICTimeout.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %systemdrive%\ICTimeout.vbs & echo WScript.Quit >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo Do Until objFile.AtEndOfStream >> %systemdrive%\ICTimeout.vbs & echo line = objFile.ReadLine >> %systemdrive%\ICTimeout.vbs & echo If (InStr(line, "#") ^> 0) Then >> %systemdrive%\ICTimeout.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo line = Trim(line) >> %systemdrive%\ICTimeout.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %systemdrive%\ICTimeout.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %systemdrive%\ICTimeout.vbs & echo If CharLeft Or CharRight Then >> %systemdrive%\ICTimeout.vbs & echo lines = lines ^& line >> %systemdrive%\ICTimeout.vbs & echo Else >> %systemdrive%\ICTimeout.vbs & echo lines = lines ^& vbNewLine ^& line >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo PreviousLine=line >> %systemdrive%\ICTimeout.vbs & echo Loop >> %systemdrive%\ICTimeout.vbs & echo objFile.Close >> %systemdrive%\ICTimeout.vbs & echo Set objRE = New RegExp >> %systemdrive%\ICTimeout.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %systemdrive%\ICTimeout.vbs & echo objRE.IgnoreCase = True >> %systemdrive%\ICTimeout.vbs & echo objRE.Global = True >> %systemdrive%\ICTimeout.vbs & echo lines = objRE.Replace(lines, "=") >> %systemdrive%\ICTimeout.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %systemdrive%\ICTimeout.vbs & echo Set objMatch = objRE.Execute(lines) >> %systemdrive%\ICTimeout.vbs & echo If objMatch.count ^> 0 Then >> %systemdrive%\ICTimeout.vbs & echo For Each match In objMatch >> %systemdrive%\ICTimeout.vbs & echo ListenerName = match.Submatches(0) >> %systemdrive%\ICTimeout.vbs & echo objRE.Pattern = "inbound_connect_timeout_" ^& ListenerName ^& "=(\d+)" >> %systemdrive%\ICTimeout.vbs & echo Timeout =0 >> %systemdrive%\ICTimeout.vbs & echo Set inboundMatch = objRE.Execute(lines) >> %systemdrive%\ICTimeout.vbs & echo If inboundMatch.count ^> 0 Then >> %systemdrive%\ICTimeout.vbs & echo Timeout = inboundMatch.item(0).submatches(0) >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo If (Timeout ^< 1) Then >> %systemdrive%\ICTimeout.vbs & echo WScript.Echo "The inbound_connect_timeout of " ^& ListenerName ^& " listener is not set greater than 0" >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo Next >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & echo If (ListenerName = "") Then >> %systemdrive%\ICTimeout.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %systemdrive%\ICTimeout.vbs & echo End If >> %systemdrive%\ICTimeout.vbs & %windir%\system32\cscript /nologo %systemdrive%\ICTimeout.vbs & del %systemdrive%\ICTimeout.vbs 0 0 false Oracle Advanced Security Is Installed set Oracle_Home= & set Oracle_Home=$(WINDOWS_ORACLE_DB_HOME)& $(WINDOWS_ORACLE_DB_HOME)\OPatch\opatch lsinventory -detail 0 0 false SECURE_CONTROL Listener echo on error resume next > %TEMP%\SECURE_CONTROL.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\SECURE_CONTROL.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\SECURE_CONTROL.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\SECURE_CONTROL.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\SECURE_CONTROL.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\SECURE_CONTROL.vbs & echo WScript.Quit >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\SECURE_CONTROL.vbs & echo line = objFile.ReadLine >> %TEMP%\SECURE_CONTROL.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\SECURE_CONTROL.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & echo line = Trim(line) >> %TEMP%\SECURE_CONTROL.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\SECURE_CONTROL.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\SECURE_CONTROL.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\SECURE_CONTROL.vbs & echo lines = lines ^& line >> %TEMP%\SECURE_CONTROL.vbs & echo Else >> %TEMP%\SECURE_CONTROL.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & echo PreviousLine=line >> %TEMP%\SECURE_CONTROL.vbs & echo Loop >> %TEMP%\SECURE_CONTROL.vbs & echo objFile.Close >> %TEMP%\SECURE_CONTROL.vbs & echo Set objRE = New RegExp >> %TEMP%\SECURE_CONTROL.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\SECURE_CONTROL.vbs & echo objRE.IgnoreCase = True >> %TEMP%\SECURE_CONTROL.vbs & echo objRE.Global = True >> %TEMP%\SECURE_CONTROL.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\SECURE_CONTROL.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\SECURE_CONTROL.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\SECURE_CONTROL.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\SECURE_CONTROL.vbs & echo For Each match In objMatch >> %TEMP%\SECURE_CONTROL.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\SECURE_CONTROL.vbs & echo If (InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_CONTROL_" ^& ListenerName ^& "=(TCPS, IPC)#", VBTextCompare) = 0 and InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_CONTROL_" ^& ListenerName ^& "=(IPC, TCPS)#", VBTextCompare) = 0) Then >> %TEMP%\SECURE_CONTROL.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set an SECURE_CONTROL to (TCPS, IPC)" >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & echo Next >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & echo If (ListenerName = "") Then >> %TEMP%\SECURE_CONTROL.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\SECURE_CONTROL.vbs & echo End If >> %TEMP%\SECURE_CONTROL.vbs & %windir%\system32\cscript /nologo %TEMP%\SECURE_CONTROL.vbs del %TEMP%\SECURE_CONTROL.vbs 0 0 false SEC_USER_UNAUTHORIZED_ACCESS_BANNER findStr /i /r /c:"^ *SEC_USER_UNAUTHORIZED_ACCESS_BANNER *=" $(WINDOWS_ORACLE_DB_HOME)\network\admin\sqlnet.ora > %systemdrive%\ResultStr.txt & echo On Error Resume Next >%systemdrive%\ResultStr.vbs & echo Set objFSO = CreateObject("Scripting.FileSystemObject") >>%systemdrive%\ResultStr.vbs & echo str ="%systemdrive%" >>%systemdrive%\ResultStr.vbs & echo str = str +"\ResultStr.txt" >>%systemdrive%\ResultStr.vbs & echo Set objFile = objFSO.OpenTextFile(str, ForReading) >>%systemdrive%\ResultStr.vbs & echo Const ForReading = 1 >>%systemdrive%\ResultStr.vbs & echo Dim arrFileLines() >>%systemdrive%\ResultStr.vbs & echo Dim arrPra() >>%systemdrive%\ResultStr.vbs & echo i = 0 >>%systemdrive%\ResultStr.vbs & echo Do Until objFile.AtEndOfStream >>%systemdrive%\ResultStr.vbs & echo Redim Preserve arrFileLines(i) >>%systemdrive%\ResultStr.vbs & echo arrFileLines(i) = trim(objFile.ReadLine) >>%systemdrive%\ResultStr.vbs & echo i = i + 1 >>%systemdrive%\ResultStr.vbs & echo Loop >>%systemdrive%\ResultStr.vbs & echo objFile.Close >>%systemdrive%\ResultStr.vbs & echo For Each strLine in arrFileLines >>%systemdrive%\ResultStr.vbs & echo ParameterList = Split(strLine, "=") >>%systemdrive%\ResultStr.vbs & echo For i = 1 to Ubound(ParameterList) >>%systemdrive%\ResultStr.vbs & echo Redim Preserve arrPra(i) >>%systemdrive%\ResultStr.vbs & echo arrPra(i) = ParameterList(i) >>%systemdrive%\ResultStr.vbs & echo Wscript.Echo arrPra(i) >>%systemdrive%\ResultStr.vbs & echo Next >>%systemdrive%\ResultStr.vbs & echo Next >>%systemdrive%\ResultStr.vbs & %windir%\system32\cscript /nologo %systemdrive%\ResultStr.vbs >%systemdrive%\Policy.txt & echo On Error Resume Next >%systemdrive%\Policy.vbs & echo Set objFSO1 = CreateObject("Scripting.FileSystemObject") >>%systemdrive%\Policy.vbs & echo str ="%systemdrive%" >>%systemdrive%\Policy.vbs & echo str = str +"\Policy.txt" >>%systemdrive%\Policy.vbs & echo Set objFile1 = objFSO1.OpenTextFile(str, ForReading) >>%systemdrive%\Policy.vbs & echo Const ForReading = 1 >>%systemdrive%\Policy.vbs & echo Dim arrPra() >>%systemdrive%\Policy.vbs & echo i = 0 >>%systemdrive%\Policy.vbs & echo Do Until objFile1.AtEndOfStream >>%systemdrive%\Policy.vbs & echo Redim Preserve arrPra(i) >>%systemdrive%\Policy.vbs & echo arrPra(i) = trim(objFile1.ReadLine) >>%systemdrive%\Policy.vbs & echo i = i + 1 >>%systemdrive%\Policy.vbs & echo Loop >>%systemdrive%\Policy.vbs & echo objFile1.Close >>%systemdrive%\Policy.vbs & echo str= LCase(arrPra(0)) >>%systemdrive%\Policy.vbs & echo Wscript.Echo "dir " ^& trim(arrPra(0)) >>%systemdrive%\Policy.vbs & %windir%\system32\cscript /nologo %systemdrive%\Policy.vbs >%systemdrive%\Policy.bat & %systemdrive%\Policy.bat & del %systemdrive%\ResultStr.txt & del %systemdrive%\Policy.bat & del %systemdrive%\Policy.vbs & del %systemdrive%\ResultStr.vbs & del %systemdrive%\Policy.txt 0 0 false SEC_USER_AUDIT_ACTION_BANNER findStr /i /r /c:"^ *SEC_USER_AUDIT_ACTION_BANNER *=" $(WINDOWS_ORACLE_DB_HOME)\network\admin\sqlnet.ora > %systemdrive%\ResultStr.txt & echo On Error Resume Next >%systemdrive%\ResultStr.vbs & echo Set objFSO = CreateObject("Scripting.FileSystemObject") >>%systemdrive%\ResultStr.vbs & echo str ="%systemdrive%" >>%systemdrive%\ResultStr.vbs & echo str = str +"\ResultStr.txt" >>%systemdrive%\ResultStr.vbs & echo Set objFile = objFSO.OpenTextFile(str, ForReading) >>%systemdrive%\ResultStr.vbs & echo Const ForReading = 1 >>%systemdrive%\ResultStr.vbs & echo Dim arrFileLines() >>%systemdrive%\ResultStr.vbs & echo Dim arrPra() >>%systemdrive%\ResultStr.vbs & echo i = 0 >>%systemdrive%\ResultStr.vbs & echo Do Until objFile.AtEndOfStream >>%systemdrive%\ResultStr.vbs & echo Redim Preserve arrFileLines(i) >>%systemdrive%\ResultStr.vbs & echo arrFileLines(i) = trim(objFile.ReadLine) >>%systemdrive%\ResultStr.vbs & echo i = i + 1 >>%systemdrive%\ResultStr.vbs & echo Loop >>%systemdrive%\ResultStr.vbs & echo objFile.Close >>%systemdrive%\ResultStr.vbs & echo For Each strLine in arrFileLines >>%systemdrive%\ResultStr.vbs & echo ParameterList = Split(strLine, "=") >>%systemdrive%\ResultStr.vbs & echo For i = 1 to Ubound(ParameterList) >>%systemdrive%\ResultStr.vbs & echo Redim Preserve arrPra(i) >>%systemdrive%\ResultStr.vbs & echo arrPra(i) = ParameterList(i) >>%systemdrive%\ResultStr.vbs & echo Wscript.Echo arrPra(i) >>%systemdrive%\ResultStr.vbs & echo Next >>%systemdrive%\ResultStr.vbs & echo Next >>%systemdrive%\ResultStr.vbs & %windir%\system32\cscript /nologo %systemdrive%\ResultStr.vbs >%systemdrive%\Policy.txt & echo On Error Resume Next >%systemdrive%\Policy.vbs & echo Set objFSO1 = CreateObject("Scripting.FileSystemObject") >>%systemdrive%\Policy.vbs & echo str ="%systemdrive%" >>%systemdrive%\Policy.vbs & echo str = str +"\Policy.txt" >>%systemdrive%\Policy.vbs & echo Set objFile1 = objFSO1.OpenTextFile(str, ForReading) >>%systemdrive%\Policy.vbs & echo Const ForReading = 1 >>%systemdrive%\Policy.vbs & echo Dim arrPra() >>%systemdrive%\Policy.vbs & echo i = 0 >>%systemdrive%\Policy.vbs & echo Do Until objFile1.AtEndOfStream >>%systemdrive%\Policy.vbs & echo Redim Preserve arrPra(i) >>%systemdrive%\Policy.vbs & echo arrPra(i) = trim(objFile1.ReadLine) >>%systemdrive%\Policy.vbs & echo i = i + 1 >>%systemdrive%\Policy.vbs & echo Loop >>%systemdrive%\Policy.vbs & echo objFile1.Close >>%systemdrive%\Policy.vbs & echo str= LCase(arrPra(0)) >>%systemdrive%\Policy.vbs & echo Wscript.Echo "dir " ^& trim(arrPra(0)) >>%systemdrive%\Policy.vbs & %windir%\system32\cscript /nologo %systemdrive%\Policy.vbs >%systemdrive%\Policy.bat & %systemdrive%\Policy.bat & del %systemdrive%\ResultStr.txt & del %systemdrive%\Policy.bat & del %systemdrive%\Policy.vbs & del %systemdrive%\ResultStr.vbs & del %systemdrive%\Policy.txt 0 0 false DYNAMIC_REGISTRATION_Listener echo on error resume next > %TEMP%\DYNAMIC_REGISTRATION.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo WScript.Quit >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo line = objFile.ReadLine >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo line = Trim(line) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo lines = lines ^& line >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Else >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo PreviousLine=line >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Loop >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo objFile.Close >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Set objRE = New RegExp >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo objRE.IgnoreCase = True >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo objRE.Global = True >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo For Each match In objMatch >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If (InStr(1,Replace(lines,vbnewline,"#"),"#DYNAMIC_REGISTRATION_" ^& ListenerName ^& "=OFF#", VBTextCompare) = 0) Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set an DYNAMIC_REGISTRATION to OFF" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo Next >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo If (ListenerName = "") Then >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\DYNAMIC_REGISTRATION.vbs & echo End If >> %TEMP%\DYNAMIC_REGISTRATION.vbs & %windir%\system32\cscript /nologo %TEMP%\DYNAMIC_REGISTRATION.vbs del %TEMP%\DYNAMIC_REGISTRATION.vbs 0 0 false SECURE_REGISTER Listener echo on error resume next > %TEMP%\SECURE_REGISTER.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\SECURE_REGISTER.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\SECURE_REGISTER.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\SECURE_REGISTER.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\SECURE_REGISTER.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\SECURE_REGISTER.vbs & echo WScript.Quit >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\SECURE_REGISTER.vbs & echo line = objFile.ReadLine >> %TEMP%\SECURE_REGISTER.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\SECURE_REGISTER.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & echo line = Trim(line) >> %TEMP%\SECURE_REGISTER.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\SECURE_REGISTER.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\SECURE_REGISTER.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\SECURE_REGISTER.vbs & echo lines = lines ^& line >> %TEMP%\SECURE_REGISTER.vbs & echo Else >> %TEMP%\SECURE_REGISTER.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & echo PreviousLine=line >> %TEMP%\SECURE_REGISTER.vbs & echo Loop >> %TEMP%\SECURE_REGISTER.vbs & echo objFile.Close >> %TEMP%\SECURE_REGISTER.vbs & echo Set objRE = New RegExp >> %TEMP%\SECURE_REGISTER.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\SECURE_REGISTER.vbs & echo objRE.IgnoreCase = True >> %TEMP%\SECURE_REGISTER.vbs & echo objRE.Global = True >> %TEMP%\SECURE_REGISTER.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\SECURE_REGISTER.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\SECURE_REGISTER.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\SECURE_REGISTER.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\SECURE_REGISTER.vbs & echo For Each match In objMatch >> %TEMP%\SECURE_REGISTER.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\SECURE_REGISTER.vbs & echo If (InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_REGISTER_" ^& ListenerName ^& "=(TCPS, IPC)#", VBTextCompare) = 0 and InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_REGISTER_" ^& ListenerName ^& "=(IPC, TCPS)#", VBTextCompare) = 0) Then >> %TEMP%\SECURE_REGISTER.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set an SECURE_REGISTER to (TCPS, IPC)" >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & echo Next >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & echo If (ListenerName = "") Then >> %TEMP%\SECURE_REGISTER.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\SECURE_REGISTER.vbs & echo End If >> %TEMP%\SECURE_REGISTER.vbs & %windir%\system32\cscript /nologo %TEMP%\SECURE_REGISTER.vbs del %TEMP%\SECURE_REGISTER.vbs 0 0 false SECURE_PROTOCOL Listener echo on error resume next > %TEMP%\SECURE_PROTOCOL.vbs & echo LstFile="$(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora" >> %TEMP%\SECURE_PROTOCOL.vbs & echo Set ObjFSO = CreateObject("Scripting.FileSystemObject") >> %TEMP%\SECURE_PROTOCOL.vbs & echo Set objFile = objFSO.OpenTextFile(LstFile, 1) >> %TEMP%\SECURE_PROTOCOL.vbs & echo If (Err.Number ^<^> 0) Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo WScript.Echo LstFile ^& " does not exist" >> %TEMP%\SECURE_PROTOCOL.vbs & echo WScript.Quit >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & echo Do Until objFile.AtEndOfStream >> %TEMP%\SECURE_PROTOCOL.vbs & echo line = objFile.ReadLine >> %TEMP%\SECURE_PROTOCOL.vbs & echo If (InStr(line, "#") ^> 0) Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo line = Mid(line, 1, InStr(line, "#") - 1) >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & echo line = Trim(line) >> %TEMP%\SECURE_PROTOCOL.vbs & echo CharLeft = (Left(line, 1) = "=") Or ( Left(line, 1) = "(" ) Or ( Left(line, 1) = ")" ) >> %TEMP%\SECURE_PROTOCOL.vbs & echo CharRight = (Right(PreviousLine, 1) = "=") Or ( Right(PreviousLine, 1) = "(" ) >> %TEMP%\SECURE_PROTOCOL.vbs & echo If CharLeft Or CharRight Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo lines = lines ^& line >> %TEMP%\SECURE_PROTOCOL.vbs & echo Else >> %TEMP%\SECURE_PROTOCOL.vbs & echo lines = lines ^& vbNewLine ^& line >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & echo PreviousLine=line >> %TEMP%\SECURE_PROTOCOL.vbs & echo Loop >> %TEMP%\SECURE_PROTOCOL.vbs & echo objFile.Close >> %TEMP%\SECURE_PROTOCOL.vbs & echo Set objRE = New RegExp >> %TEMP%\SECURE_PROTOCOL.vbs & echo objRE.Pattern = "[\ \t]*=[\ \t]*" >> %TEMP%\SECURE_PROTOCOL.vbs & echo objRE.IgnoreCase = True >> %TEMP%\SECURE_PROTOCOL.vbs & echo objRE.Global = True >> %TEMP%\SECURE_PROTOCOL.vbs & echo lines = objRE.Replace(lines, "=") >> %TEMP%\SECURE_PROTOCOL.vbs & echo objRE.Pattern = "\n([^=(\s]+)=\([\ \t]*description" >> %TEMP%\SECURE_PROTOCOL.vbs & echo Set objMatch = objRE.Execute(lines) >> %TEMP%\SECURE_PROTOCOL.vbs & echo If objMatch.count ^> 0 Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo For Each match In objMatch >> %TEMP%\SECURE_PROTOCOL.vbs & echo ListenerName = match.Submatches(0) >> %TEMP%\SECURE_PROTOCOL.vbs & echo If (InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_PROTOCOL_" ^& ListenerName ^& "=(TCPS, IPC)#", VBTextCompare) = 0 and InStr(1,Replace(lines,vbnewline,"#"),"#SECURE_PROTOCOL_" ^& ListenerName ^& "=(IPC, TCPS)#", VBTextCompare) = 0) Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo WScript.Echo "The " ^& ListenerName ^& " listener is not set an SECURE_PROTOCOL to (TCPS, IPC)" >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & echo Next >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & echo If (ListenerName = "") Then >> %TEMP%\SECURE_PROTOCOL.vbs & echo WScript.Echo LstFile ^& " does not have any listener" >> %TEMP%\SECURE_PROTOCOL.vbs & echo End If >> %TEMP%\SECURE_PROTOCOL.vbs & %windir%\system32\cscript /nologo %TEMP%\SECURE_PROTOCOL.vbs del %TEMP%\SECURE_PROTOCOL.vbs 0 Monitors roles and permissions 100 false Query=Policy Query;Monitors policies;SELECT POLICY_NAME, OBJECT_OWNER, OBJECT_NAME, ENABLE FROM DBA_POLICIES ORDER BY POLICY_NAME;0;1024 10000 -1 true Query=Default Profile Users;Monitors all users who have the DEFAULT profile.;SELECT USERNAME FROM DBA_USERS WHERE PROFILE='DEFAULT' ORDER BY USERNAME;0;1024 10000 -1 true Query=Roles With Admin Option;Monitors all roles with ADMIN_OPTION.;SELECT GRANTEE, GRANTED_ROLE, ADMIN_OPTION, DEFAULT_ROLE FROM DBA_ROLE_PRIVS WHERE ADMIN_OPTION='YES' ORDER BY GRANTEE;0;1024 10000 -1 true Query=Public Object Privileges;Monitors all object privileges assigned to the PUBLIC account.;SELECT OWNER, TABLE_NAME, GRANTOR, PRIVILEGE FROM SYS.DBA_TAB_PRIVS WHERE GRANTEE='PUBLIC' AND GRANTOR <> 'SYS' AND GRANTOR <> 'SYSTEM' ORDER BY OWNER, TABLE_NAME, GRANTOR;0;1024 10000 -1 true Query=Public Role Privileges;Monitors roles granted to PUBLIC account.;SELECT GRANTED_ROLE FROM DBA_ROLE_PRIVS WHERE GRANTEE='PUBLIC' ORDER BY GRANTED_ROLE;0;1024 10000 -1 true Query=Public System Privileges;Monitors system privileges granted to PUBLIC account.;SELECT PRIVILEGE FROM DBA_SYS_PRIVS WHERE GRANTEE='PUBLIC' ORDER BY PRIVILEGE ;0;1024 10000 -1 true Query=Source Privileges;Monitors users and roles with privileges to read data in source views.;SELECT GRANTEE, OWNER, TABLE_NAME, GRANTOR, PRIVILEGE, GRANTABLE, HIERARCHY FROM SYS.DBA_TAB_PRIVS WHERE TABLE_NAME in ('DBA_SOURCE','ALL_SOURCE', 'USER_SOURCE') ORDER BY GRANTEE, OWNER, TABLE_NAME, PRIVILEGE;0;1024 10000 -1 true Monitors auditing options 100 false Query=Object Audit Options;Monitors object auditing options.;SELECT * FROM DBA_OBJ_AUDIT_OPTS ORDER BY OWNER, OBJECT_NAME;0;1024 10000 -1 true Query=Statement Audit Options;Monitors statement auditing options.;SELECT USER_NAME, PROXY_NAME, AUDIT_OPTION, SUCCESS, FAILURE FROM DBA_STMT_AUDIT_OPTS ORDER BY USER_NAME, PROXY_NAME, AUDIT_OPTION;0;1024 10000 -1 true Query=Privilege Audit Options;Monitors system privileges auditing options.;SELECT USER_NAME, PROXY_NAME, PRIVILEGE,SUCCESS, FAILURE FROM DBA_PRIV_AUDIT_OPTS ORDER BY USER_NAME, PROXY_NAME, PRIVILEGE;0;1024 10000 -1 true Monitors objects owned by the SYS user 100 false Function=* 10000 -1 true 1 SYS.* Cluster=* 10000 -1 true 1 SYS.* Database Link=* 10000 -1 true 1 SYS.* Index=* 10000 -1 true 1 SYS.* Library=* 10000 -1 true 1 SYS.* Package=* 10000 -1 true 1 SYS.* Procedure=* 10000 -1 true 1 SYS.* Sequence=* 10000 -1 true 1 SYS.* Stored Outline=* 10000 -1 true 1 SYS.* Synonym=* 10000 -1 true 1 SYS.* Table=* 10000 -1 true 1 SYS.* Trigger=* 10000 -1 true 1 SYS.* User Defined Type=* 10000 -1 true 1 SYS.* View=* 10000 -1 true 1 SYS.* Monitors the runtime configuration parameters related to auditing 100 false Configuration Parameter=* 10000 -1 true 2 1 100 false HKEY_LOCAL_MACHINE\\SOFTWARE\\ORACLE 10000 -1 true 1 100 false $(WINDOWS_ORACLE_DB_HOME)\dbs\initdw.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\hs\admin\inithsodbc.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\hs\admin\inithsoledb.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\sqlnet.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\tnsnames.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\srvm\admin\init.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\NETWORK\ADMIN\listener.ora 10000 0 true 1 $(WINDOWS_ORACLE_DB_HOME)\dbs\init.ora 10000 0 true 1 100 false $(UNIX_ORACLE_HOME)/dbs/init.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/dbs/initdw.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/network/admin/sqlnet.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/network/admin/tnsnames.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/network/admin/listener.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/hs/admin/inithsodbc.ora 10000 0 true 1 $(UNIX_ORACLE_HOME)/srvm/admin/init.ora 10000 0 true 1 true 100 false $(UNIX_ORACLE_HOME)/bin 10000 -1 false 1 *.ico true 100 false $(WINDOWS_ORACLE_DB_HOME)\BIN 10000 -1 false 1 *.exe *.dll