2.2.14 Ensure 'SEC_PROTOCOL_ERROR_FURTHER_ACTION' Is Set to 'DELAY,3' or 'DROP,3'

Information

As bad packets received from the client can potentially indicate packet-based attacks on the system, such as 'TCP SYN Flood' or 'Smurf' attacks, which could result in a Denial-of-Service condition, this value should be set according to the needs of the organization.

Solution

To remediate this setting execute one of the following SQL statements. ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = 'DELAY,3' SCOPE = SPFILE; ALTER SYSTEM SET SEC_PROTOCOL_ERROR_FURTHER_ACTION = 'DROP,3' SCOPE = SPFILE;

See Also

https://workbench.cisecurity.org/files/601

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-3

Plugin: OracleDB

Control ID: 38979baf69ef2ded86f03263423954fea666ce61b1f88a6462126e483a43c6e0