DG0052-ORACLE11 - All applications that access the database should be logged in the audit trail.

Information

Protections and privileges are designed within the database to correspond to access via authorized software. Use of unauthorized software to access the database could indicate an attempt to bypass established permissions. Reviewing the use of application software to the database can lead to discovery of unauthorized access attempts.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Modify auditing to ensure audit records include identification of applications used to access the DBMS.

Ensure auditing captures the name [or unique identifier] of applications accessing the DBMS at a minimum.

Develop or procure a 3rd-party solution where native DBMS logging is not employed or does not capture required information.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Oracle_Database_11g_Y21M10_STIG.zip

Item Details

References: CAT|II, Rule-ID|SV-24626r1_rule, STIG-ID|DG0052-ORACLE11, Vuln-ID|V-3807

Plugin: Unix

Control ID: 6b2ea7dc297a1a161adc5ce86915a28d59e472ba37701698ac5d9e2570060da9