Database Security Assessment Tool


The Oracle Database Security Assessment Tool (DBSAT) analyzes database configurations and security policies to uncover security risks and improve the security posture of Oracle Databases within your organization.


You can use DBSAT to implement and enforce security best practices in your organization. DBSAT reports on the state of user accounts, role and privilege grants, and policies that control the use of various security features in the database.You can use report findings to:• Fix immediate short-term risks• Implement a comprehensive security strategy
This tool released just few days back(May 2016) .. You can run the DBSAT tool on Oracle Database 10.2.0.5 and later releases.

Technical Steps(How to use):

Download & unzip DBSAT.ZIP     :  Doc ID 2138254.1DBSAT Collector : ./dbsat collect system/oracle12c@dgmgcdb '/home/oracle/dbsat_out/report'DBSAT Reporter :  ./dbsat report -a -n /home/oracle/dbsat_out/report

-a =>  include all the database user accounts in the analysis. (Locked Oracle-supplied accounts are excluded by default as they cannot be used to connect to the database.)-n =>  do not encrypt the reports generated by the analysis.
It will generate output files in 3 different formats (HTML/Excel & Text).

report.txt  report.html report.xlsx


Reference : https://docs.oracle.com/cd/E76178_01/index.htm


Comments

Post a Comment

Popular posts from this blog

Useful OEM Queries to get Target details from OEM Repository

List Targets with TNS Listener ports configured : SELECT mgmt$target.host_name , mgmt$target.target_name , mgmt$target.target_type , mgmt$target_properties.property_name , mgmt$target_properties.property_value FROM mgmt$target , mgmt$target_properties WHERE ( mgmt$target.target_name = mgmt$target_properties.target_name ) AND ( mgmt$target.target_type = mgmt$target_properties.target_type ) and ( mgmt$target.target_type = 'oracle_listener' ) and ( mgmt$target_properties.property_name = 'Port' ); Devora02       LISTENER_ora02                       oracle_listener Port 1529 Devora01       LISTENER_ora01                       oracle_listener Port 1529 Devora04       LISTENER_ora04                       oracle_listener Port 1529 List Machine_Names, CPU Count & Database Verion for Licensing SELECT mgmt$target.host_name , mgmt$target_properties.property_name , mgmt$target_properties.property_value FROM mgmt$target , mgmt$target_properties WHERE ( mgmt$
Read more

WARNING: Subscription for node down event still pending' in Listener Log

Image
These messages are related to the Oracle TNS Listener's default subscription to the Oracle Notification Service (ONS). In a non-RAC environment it is recommended to disable this subscription.   This feature was introduced in Oracle 10g. SOLUTION Set the following parameter in the listener.ora: SUBSCRIBE_FOR_NODE_DOWN_EVENT_<listener_name>=OFF Where <listener_name> should be replaced with the actual listener name configured in the LISTENER.ORA file. SUBSCRIBE_FOR_NODE_DOWN_EVENT_<listener_name> parameter is to be placed by itself on an empty line. It will be necessary to restart or reload the listener following the addition of this parameter. This will prevent the messages from being written to the log file and may also prevent the TNS Listener from hanging periodically.  See (10g only) NOTE 340091.1 Intermittent TNS Listener Hang, New Child Listener Process Forked Please Note: Setting SUBSCRIBE_FOR_NODE_DOWN_<listener_n
Read more

ORA-65139: Mismatch between XML metadata file and data file

Error: CDB$ROOT@EBTUPRDC> CREATE PLUGGABLE DATABASE EBTUSPRDPDB1 using '/home/oracle/EBTUSPRDC.xml' nocopy tempfile reuse; CREATE PLUGGABLE DATABASE EBTUSPRDPDB1 using '/home/oracle/EBTUSPRDC.xml' nocopy tempfile reuse * ERROR at line 1: ORA-65139: Mismatch between XML metadata file and data file /u05/odb/ORADATA_1/EBTUSPRDC/datafile/system.1531.807800993 for value of fcpsb (2230502002 in the plug XML file, 2230505492 in the data file) Fix: Don't open Non-CDB database until we complete pdb creation other wise we will get above error. Shutdown immediate; startup mount; alter database open read only; create xml file. shutdown immediate; Connect to CDB and Create Pluggable database .
Read more