
linux+Oracle等保測評常用指令

linux部分

cat /etc/redhat-release

more /etc/shadow

more /etc/login.defs

more /etc/pam.d/system-auth

more /etc/profile

more /etc/ssh/sshd_config

ls -l /etc/passwd

more /etc/passwd

service rsyslog status

service auditd status

tail -20 /var/log/messages

netstat -ntlp

cat /etc/hosts.deny

cat /etc/hosts.allow

service --status-all | grep running

more /etc/sudo.conf
# 註:sudo 的授權規則位於 /etc/sudoers 及 /etc/sudoers.d/ 目錄,檢查提權設定時應一併檢視

more /etc/selinux/config

ps -ef|grep auditd

ls -l /var/log

iptables -nv -L

oracle部分

SQL> conn / as sysdba

Connected.

select username,profile from dba_users;

select * from user_password_limits;

select * from user_resource_limits;

select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_VERIFY_FUNCTION'; -- 是否啟用密碼複雜度函數

select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_LOCK_TIME'; -- 密碼鎖定時間的設定語句(值為unlimited表示沒有限制)

select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'FAILED_LOGIN_ATTEMPTS'; -- 登入失敗嘗試次數的限制(值為unlimited表示沒有限制)

select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'IDLE_TIME'; -- 檢視空閑逾時設定

select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'SESSIONS_PER_USER'; -- 檢視是否對每個使用者所允許的并行會話數進行了限制

select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'CPU_PER_SESSION'; -- 檢視是否對一個會話使用的CPU時間進行了限制

select username,account_status from dba_users; -- 檢視是否存在多餘、過期的賬戶

show parameter audit; ---該指令可在PL/SQL Developer軟體的指令視窗執行;

show parameter process; ---該指令可在PL/SQL Developer軟體的指令視窗執行;

select count(*) from v$session;

select count(*) from v$session where status='ACTIVE';

select * from dba_sa_user_labels;

sqlserver(windows)

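select * from syslogins where password is null;
-- 註:syslogins 在 SQL Server 2005 及之後版本僅為相容性檢視,password 欄位未必反映實際密碼狀態(請依目標版本確認);
-- 較新版本檢查空密碼可改用:select name from sys.sql_logins where pwdcompare('', password_hash) = 1;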

sp_configure;

select name from syslogins;

select name,password from syslogins;

1、密碼有效期

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME';

2、密碼重用時間限制(PASSWORD_REUSE_TIME:舊密碼須經過多少天後才可再次使用):

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_TIME';

3、密碼重用次數限制(PASSWORD_REUSE_MAX:舊密碼須經過多少次變更後才可再次使用):

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_MAX';

4、密碼到期後的寬限期(PASSWORD_GRACE_TIME:到期後仍可登入並提示修改密碼的天數)

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_GRACE_TIME';

5、複雜度:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_VERIFY_FUNCTION';

(1)、設定複雜度政策

cmd 後 輸入 sqlplus 回車==》輸入使用者名sys 回車==》輸入密碼:admin as sysdba 回車。

或者:sqlplus sys/admin@orcl as sysdba;

(註:在命令列直接帶密碼,密碼會出現在命令歷史與程序的命令列參數中;可改用 sqlplus /nolog 進入後再執行 conn sys@orcl as sysdba,由提示輸入密碼。)

alter system set resource_limit = true;

@ D:/app/Lenovo/product/11.2.0/dbhome_1/RDBMS/ADMIN/utlpwdmg.sql → [verify_function|verify_function_11G]

alter profile default limit password_verify_function verify_function;

(2)、取消Oracle密碼複雜度檢查:

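alter profile default limit password_verify_function null;
-- 註:此語句會關閉 DEFAULT profile 的密碼複雜度檢查,套用該 profile 的所有賬戶都受影響;操作完成後應依(1)重新設定 password_verify_function。

alter user nbzcs identified by "Sinosoft@876";
-- 註:上面的使用者名與密碼為原文範例;實際環境請改用自行設定的強密碼,勿沿用文中的值。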

6、未鎖定的所有使用者:

select username, account_status, profile from dba_users where account_status NOT like '%LOCKED';
-- 註:'%LOCKED' 只比對以 LOCKED 結尾的狀態,LOCKED(TIMED) 這類狀態仍會被列為未鎖定;如需排除所有鎖定賬戶,可改用 NOT like '%LOCKED%'。

7、登陸失敗次數:

select limit from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS';

8、登陸失敗鎖定時間:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LOCK_TIME';

9、是否開啟審計:

select value from v$parameter where name='audit_trail';

select profile,resource_name,limit from dba_profiles where resource_type='PASSWORD';

select * from v$version;

select * from dba_users t where t.account_status like 'OPEN';

-----------------------------------