TNS Oracle WebLogic Server 10 Linux Best Practices

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: TNS Oracle WebLogic Server 10 Linux Best Practices

Updated: 1/5/2022

Authority: TNS

Plugin: Unix

Revision: 1.10

Estimated Item Count: 42

File Details

Filename: TNS_Oracle_WebLogic_10_Security_Guide_Linux.audit

Size: 55.7 kB

MD5: fb8f42a8053d5be5436d33a1420baecc
SHA256: f20a90676066c950ff5744ed2f8992decbee85b7448fe5f0a0e06bb707c5a1ba

Audit Items

| Description | Categories |
|---|---|
| 1.1 - Strong Password policy should be implemented - Enforce Password History | |
| 1.1 - Strong Password policy should be implemented - Maximum Password Age | |
| 1.1 - Strong Password policy should be implemented - Minimum Lowercase Characters | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Minimum Numeric Characters | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Minimum Numeric or Special Characters | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Minimum Password Age | |
| 1.1 - Strong Password policy should be implemented - Minimum Password Length | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Minimum Uppercase Characters | IDENTIFICATION AND AUTHENTICATION |
| 1.1 - Strong Password policy should be implemented - Non-Alphanumeric Characters | IDENTIFICATION AND AUTHENTICATION |
| 1.2 - Default admin password should be changed | |
| 2.1 - Security Groups should be established | |
| 2.2 - Administrator Group should be set up | |
| 2.3 - Limit access to production WebLogic application servers | |
| 2.4 - Unique X.509 Mapping should be present | |
| 2.5 - Security roles should be used to control access | |
| 2.6 - Set check Roles and Policies to all Web applications and EJBs | IDENTIFICATION AND AUTHENTICATION |
| 2.7 - Account lockout policy should be enabled - Lockout Duration | ACCESS CONTROL |
| 2.7 - Account lockout policy should be enabled - Lockout Enabled | ACCESS CONTROL |
| 2.7 - Account lockout policy should be enabled - Lockout Threshold | ACCESS CONTROL |
| 3.1 - Delete Development Tools - ADFR Tools | CONFIGURATION MANAGEMENT |
| 3.1 - Delete Development Tools - OEPE Tools | CONFIGURATION MANAGEMENT |
| 3.2 - Deploy the WebLogic Platform on a Dedicated System | CONFIGURATION MANAGEMENT |
| 3.3 - LDAP Server SSL should be enabled | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.4 - Anonymous Bind on LDAP server should be disabled | IDENTIFICATION AND AUTHENTICATION |
| 3.5 - Secure SNMPv3 communication should be used | IDENTIFICATION AND AUTHENTICATION |
| 3.6 - Web Server Process should not run as root - directory permissions | CONFIGURATION MANAGEMENT |
| 3.6 - Web Server Process should not run as root - process | ACCESS CONTROL |
| 3.7 - Backup SSL Certificates, Private Keys, and Trust Keystores | |
| 3.8 - Host Name Verification should be set | |
| 3.9 - FIPS Compliant cryptographic Module should be used - JAVA_PROPERTIES | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.9 - FIPS Compliant cryptographic Module should be used - PRE_CLASSPATH | SYSTEM AND COMMUNICATIONS PROTECTION |
| 3.10 - Anonymous Admin Lookup Disabled | ACCESS CONTROL |
| 4.1 - Domain Home File and Subdirectory Permissions - Directories | CONFIGURATION MANAGEMENT |
| 4.1 - Domain Home File and Subdirectory Permissions - Executable Files | CONFIGURATION MANAGEMENT |
| 4.1 - Domain Home File and Subdirectory Permissions - Non Executable Files | CONFIGURATION MANAGEMENT |
| 4.2 - Keystore directory and file permissions should be set - Directory | CONFIGURATION MANAGEMENT |
| 4.2 - Keystore directory and file permissions should be set - Files | CONFIGURATION MANAGEMENT |
| 4.3 - Auditing provider should be present | AUDIT AND ACCOUNTABILITY |
| 4.4 - Enable configuration Audit Logs | AUDIT AND ACCOUNTABILITY |
| 4.5 - Auditing Severity Setting should be set | AUDIT AND ACCOUNTABILITY |
| 4.6 - HTTP Access Log File are enabled | AUDIT AND ACCOUNTABILITY |
