Comments on: Oracle: Audit a failed logon attempt without auditing http://www.usn-it.de/index.php/2009/08/04/oracle-audit-a-failed-logon-attempt-without-auditing/ Martin Klier - Oracle, Linux, MS SQL Server Thu, 02 Feb 2012 21:53:45 +0000 hourly 1 http://wordpress.org/?v=3.2.1 By: chet http://www.usn-it.de/index.php/2009/08/04/oracle-audit-a-failed-logon-attempt-without-auditing/comment-page-1/#comment-10624 chet Tue, 04 Aug 2009 11:30:56 +0000 http://www.usn-it.de/?p=264#comment-10624 @usn Glad I could help! I went through something similar with my previous <a HREF="http://oraclue.com" rel="nofollow">DBA</a>. We were looking for people trying to hack the system. Of course we had auditing turned on along with policies set up on logins (3 times and your locked), but these seemed an easier solution for our needs. chet @usn

Glad I could help!

I went through something similar with my previous DBA. We were looking for people trying to hack the system. Of course we had auditing turned on along with policies set up on logins (3 times and your locked), but these seemed an easier solution for our needs.

chet

]]> By: usn http://www.usn-it.de/index.php/2009/08/04/oracle-audit-a-failed-logon-attempt-without-auditing/comment-page-1/#comment-10620 usn Tue, 04 Aug 2009 09:44:28 +0000 http://www.usn-it.de/?p=264#comment-10620 Cool ideas, both of them - how to tell the truth, and how to "fix" the issue. :) Cool ideas, both of them – how to tell the truth, and how to “fix” the issue. :)

]]> By: Dave http://www.usn-it.de/index.php/2009/08/04/oracle-audit-a-failed-logon-attempt-without-auditing/comment-page-1/#comment-10618 Dave Tue, 04 Aug 2009 08:38:38 +0000 http://www.usn-it.de/?p=264#comment-10618 I once got an email from my boss saying, "I'm concerned that there may be security implications from having UTL_SMTP accessible on the Dev databases. Also, I'm sleeping with your wife." Looked up to see the developers grinning like loons. We changed to a SYSTEM.MAIL_PKG package that had the only access to UTL_SMTP and audited all mails sent to a table including OSUSER and TERMINAL. Which stopped that. I once got an email from my boss saying, “I’m concerned that there may be security implications from having UTL_SMTP accessible on the Dev databases. Also, I’m sleeping with your wife.”

Looked up to see the developers grinning like loons. We changed to a SYSTEM.MAIL_PKG package that had the only access to UTL_SMTP and audited all mails sent to a table including OSUSER and TERMINAL. Which stopped that.

]]>