oracle等保测评常用

1、密码有效期

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LIFE_TIME';

2、密码失效后锁定时间:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_TIME';

3、失效后保留次数:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_REUSE_MAX';

4、失效后密码保留时间

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_GRACE_TIME';

5、复杂度:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_VERIFY_FUNCTION';

（1）、设置复杂度策略

cmd 后 输入 sqlplus 回车==》输入用户名sys 回车==》输入口令：admin as sysdba 回车。
或者：sqlplus sys/admin@orcl as sysdba;

alter system set resource_limit = true;
@ D:/app/Lenovo/product/11.2.0/dbhome_1/RDBMS/ADMIN/utlpwdmg.sql → [verify_function|verify_function_11G]
alter profile default limit password_verify_function verify_function;

（2）、取消Oracle密码复杂度检查：

alter profile default limit password_verify_function null;

alter user nbzcs identified by "Sinosoft@876";

6、未锁定的所有用户:

select username, account_status, profile from dba_users where account_status NOT like '%LOCKED';

7、登陆失败次数:

select limit from dba_profiles where profile='DEFAULT' and resource_name='FAILED_LOGIN_ATTEMPTS';

8、登陆失败锁定时间:

select limit from dba_profiles where profile='DEFAULT' and resource_name='PASSWORD_LOCK_TIME';

9、是否开启审计:

select value from v$parameter where name='audit_trail';

select profile,resource_name,limit from dba_profiles where resource_type='PASSWORD'
select * from v$version

select * from dba_users t where t.account_status like 'OPEN'