Detections
Analytics
DG0135-ORACLE11 - Users should be alerted upon login of previous successful connections or unsuccessful attempts to access their account.
Information
Unauthorized access to DBMS accounts may go undetected if account access is not monitored. Authorized users may serve as a reliable party to report unauthorized use of to their account.NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Develop, document and implement an automated method to display at interactive logon the time and date of the last successful login and the number of failed login attempts since the last successful login for users that access the database interactively.This may require a custom-developed logon trigger or procedure to accomplish.
NOTE: This may cause interaction/functionality problems with COTS applications not designed for this kind of interaction.
See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip
Item Details
Audit Name: DISA STIG Oracle 11 Instance v9r1 Database
References: CAT|II, Rule-ID|SV-24429r1_rule, STIG-ID|DG0135-ORACLE11, Vuln-ID|V-15641
Plugin: OracleDB
Control ID: 7dccbe7f5662b2f699f57c699c4d8413fcc2823217b76336ba392f5424519af1