linux部分
cat /etc/redhat-release
more /etc/shadow
more /etc/login.defs
more /etc/pam.d/system-auth
more /etc/profile
more /etc/ssh/sshd_config
ls -l /etc/passwd
more /etc/passwd
service rsyslog status
service auditd status
tail -20 /var/log/messages
netstat -ntlp
cat /etc/hosts.deny
cat /etc/hosts.allow
service --status-all | grep running
more /etc/sudo.conf
more /etc/selinux/config
ps -ef|grep auditd
ls -l /var/log
iptables -nv -L
oracle部分
SQL> conn / as sysdba
Connected.
select username,profile from dba_users;
select * from user_password_limits;
select * from user_resource_limits;
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_VERIFY_FUNCTION'; //是否启用口令复杂度函数
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_LOCK_TIME'; //口令锁定时间的设置语句(值为unlimited表示没有限制)
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'FAILED_LOGIN_ATTEMPTS'; //登录失败尝试次数的限制(值为unlimited表示没有限制)
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'IDLE_TIME'; //查看空闲超时设置
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'SESSIONS_PER_USER'; //查看是否对每个用户所允许的并行会话数进行了限制
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'CPU_PER_SESSION'; //查看是否对一个会话使用的CPU时间进行了限制
select username,account_status from dba_users; //查看是否存在多余过期的账户
show parameter audit; ---该命令可在PL/SQL Developer软件的命令窗口执行;
show parameter process; ---该命令可在PL/SQL Developer软件的命令窗口执行;
select count() from v
session;
select count() from v$session where status='ACTIVE';
select * from dba_sa_user_labels;
sqlserver(windows)
select * from syslogins where password is null;
sp_configure;
select name from syslogins;
select name,password from syslogins;
1、密码有效期
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME';
2、密码失效后锁定时间:
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_TIME';
3、失效后保留次数:
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_MAX';
4、失效后密码保留时间
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_GRACE_TIME';
5、复杂度:
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_VERIFY_FUNCTION';
(1)、设置复杂度策略
cmd 后 输入 sqlplus 回车==》输入用户名sys 回车==》输入口令:admin as sysdba 回车。
或者:sqlplus sys/admin@orcl as sysdba;
alter system set resource_limit = true;
@ D:/app/Lenovo/product/11.2.0/dbhome_1/RDBMS/ADMIN/utlpwdmg.sql → [verify_function|verify_function_11G]
alter profile default limit password_verify_function verify_function;
(2)、取消Oracle密码复杂度检查:
alter profile default limit password_verify_function null;
alter user nbzcs identified by "Sinosoft@876";
6、未锁定的所有用户:
select username, account_status, profile from dba_users where account_status NOT like '%LOCKED';
7、登陆失败次数:
select limit from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS';
8、登陆失败锁定时间:
select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LOCK_TIME';
9、是否开启审计:
select value from v$parameter where name='audit_trail';
select profile,resource_name,limit from dba_profiles where resource_type='PASSWORD'
select * from v$version
select * from dba_users t where t.account_status like 'OPEN'
-----------------------------------
![龙珠训练营task04[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)