Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: securing oracle

Re: securing oracle

From: Pete Sharman <psharman_at_us.oracle.com>
Date: Thu, 25 Nov 1999 14:21:10 -0800
Message-ID: <383DB655.8E841B16@us.oracle.com> 





Ed



I'm assuming you're on NT, since INTERNAL doesn't have a password on Unix (it's
protected by OS privileges instead).  Here are the steps on NT (I'm using 8.1,
so you'll need to change the commands to include version numbers if you're on
an earlier release e.g. svrmgrl was svrmgr30, orapwd was orapwd80 in Oracle8):



C:\>svrmgrl



Oracle Server Manager Release 3.1.5.0.0 - Production



(c) Copyright 1997, Oracle Corporation.  All Rights Reserved.



Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options


PL/SQL Release 8.1.5.0.0 - Production



SVRMGR> connect internal/oracle    <-- the default password.
Connected.


SVRMGR> exit


Server Manager complete.



C:\>orapwd


Usage: orapwd file=<fname> password=<password> entries=<users>



  where


    file - name of password file (mand),
    password - password for SYS and INTERNAL (mand),
    entries - maximum number of distinct DBA and OPERs (opt),
  There are no spaces around the equal-to (=) character.



C:\>orapwd file=pwdorcl.ora password=manager   <-- Mistake here.  No path
entered so the file ended up in the current directory, not under
c:\oracle81\database where it belongs.



C:\>svrmgrl



Oracle Server Manager Release 3.1.5.0.0 - Production



(c) Copyright 1997, Oracle Corporation.  All Rights Reserved.



Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options


PL/SQL Release 8.1.5.0.0 - Production



SVRMGR> connect internal/manager   <-- The supposed new password
ORA-01017: invalid username/password; logon denied
SVRMGR> connect internal/oracle       <-- The old default value
Connected.


SVRMGR> exit


Server Manager complete.



C:\>dir


 Volume in drive C is OBIWINNT


 Volume Serial Number is 3C59-9216



 Directory of C:\


01/11/99  04:06p        <DIR>          acrobat3
08/13/99  12:08p        <DIR>          adsdc
02/05/99  09:50a                    16 AUTOEXEC.BAT
03/22/99  03:15p                 6,086 class.sys
01/11/99  02:19p                     0 CONFIG.SYS
08/18/99  10:03a        <DIR>          CWHS804WebTrial
08/02/99  08:06a                   140 helpindx.lis
08/02/99  08:03a                    44 helptbl.lis
10/11/99  09:35a        <DIR>          InetPub
01/12/99  05:50p        <DIR>          MODEM.NT4
10/12/99  10:51a        <DIR>          My Music
08/09/96  12:00a                26,800 NTDETECT.OLD
01/11/99  04:09p                    42 oaprefw.ora
01/11/99  04:09p                    42 oaprefw.per
01/11/99  04:10p                 1,045 OBIVER.INI
04/27/99  01:54p                   119 OMLOC.CFG
08/31/99  01:07p        <DIR>          OnNet Host Suite Data
08/13/99  01:30p        <DIR>          oracle81
10/14/99  09:37a        <DIR>          ORANT
06/07/99  09:32a        <DIR>          PLATDEMO
08/02/99  08:05a                 1,665 plushelp.log
10/08/99  02:10p        <DIR>          Program Files
11/25/99  02:09p                 1,536 pwdorcl.ora      <-- Ahah!  File in the
wrong location!
08/16/99  09:43a        <DIR>          Real
11/18/99  09:42a                35,543 sqlnet.log
11/25/99  02:03p        <DIR>          TEMP
11/20/99  03:14p        <DIR>          WINNT
              27 File(s)         73,078 bytes
                            192,259,584 bytes free





C:\>del pwdorcl.ora



C:\>cd oracle81\database



C:\oracle81\DATABASE>dir pwd*


 Volume in drive C is OBIWINNT


 Volume Serial Number is 3C59-9216



 Directory of C:\oracle81\DATABASE


08/02/99  07:58a                 1,536 PWDfred.ora
08/13/99  01:26p                 1,536 PWDorcl.ora
               2 File(s)          3,072 bytes
                            192,261,120 bytes free





C:\oracle81\DATABASE>orapwd file=pwdorcl.ora password=manager



OPW-00005: File with same name exists - please delete or rename  <-- Bit of
extra work here to make sure you don't do this without thinking through the
consequences.



C:\oracle81\DATABASE>ren pwdorcl.ora pwdorcl.old



C:\oracle81\DATABASE>orapwd file=pwdorcl.ora password=manager



C:\oracle81\DATABASE>svrmgrl



Oracle Server Manager Release 3.1.5.0.0 - Production



(c) Copyright 1997, Oracle Corporation.  All Rights Reserved.



Oracle8i Enterprise Edition Release 8.1.5.0.0 - Production
With the Partitioning and Java options


PL/SQL Release 8.1.5.0.0 - Production



SVRMGR> connect internal/manager


Connected.


SVRMGR> exit


Server Manager complete.



HTH.


Pete



Ed Zappulla wrote:



> Hi Pete, Do you know how to change the INTERNAL password?


>


> Pete Sharman <psharman_at_us.oracle.com> wrote in message


> news:3839BF27.7E9E43A2_at_us.oracle.com...


> > All of them, if you really want to secure it!  ;)


> >


> > Actually, the real answer is all the privileged accounts.  That's SYS,


> > SYSTEM, INTERNAL on NT, DBSNMP and any user that has either the DBA role,


> > or SYSDBA or SYSOPER roles.


> >


> > HTH.



> >


> > Pete


> >


> > ed zappulla wrote:


> >


> > > Can anyone tell me what passwords I need to change in order to secure


> > > Oracle?  I know of 2.  system and internal.


> > >


> > > ...ed


> >








Received on Thu Nov 25 1999 - 16:21:10 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US