DBMS remote administration should be audited.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15652 | DG0158-ORACLE11 | SV-24985r1_rule | EBRP-1 | Medium |
| Description |
|---|
| When remote administration is available, the vulnerability to attack for administrative access is increased. An audit of remote administrative access provides additional means to discover suspicious activity and to provide accountability for administrative actions completed by remote users. |
| STIG | Date |
|---|---|
| Oracle 11 Database Installation STIG | 2014-01-14 |
Details
| Check Text ( C-20343r1_chk ) |
|---|
| Review settings for actions taken during remote administration sessions. If auditing of remote administration sessions and actions is not enabled, this is a Finding. If audit logs do not include all actions taken by database administrators during remote sessions, this is a Finding. Actions should be tied to a specific user. |
| Fix Text (F-16165r1_fix) |
|---|
| Develop, document and implement policy and procedures for remote administration auditing. Configure the DBMS to provide an audit trail for remote administrative sessions. Include all actions taken by database administrators during remote sessions. Actions should be tied to a specific user. |