Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more ➡
Download
Standard view
Full view
of .
Add note
Save to My Library
Sync to mobile
Look up keyword or section
Like this
2Activity
×

Table Of Contents

Overview
SYSTEM WIDE ADVICE
KEEP SOFTWARE UP TO DATE
RESTRICT NETWORK ACCESS TO CRITICAL SERVICES
FOLLOW THE PRINCIPLE OF LEAST PRIVILEGE
MONITOR SYSTEM ACTIVITY
KEEP UP TO DATE ON LATEST SECURITY INFORMATION
UPDATED TECHNOLOGY STACK
MODIFIED DIRECTORY STRUCTURE
Oracle TNS Listener Security
HARDENING
HARDEN OPERATING ENVIRONMENT
NETWORK
ADD IP RESTRICTIONS OR ENABLE VALID NODE CHECKING
SPECIFY CONNECTION TIMEOUT
ENABLE ENCRYPTION OF NETWORK TRAFFIC
AUTHENTICATION
ENABLE TNS LISTENER PASSWORD
AUTHORIZATION
ENABLE ADMIN RESTRICTIONS
AUDIT
ENABLE TNS LISTENER LOGGING
Oracle Database Security
DISABLE XDB
REVIEW DATABASE LINKS
REMOVE OPERATING SYSTEM TRUSTED REMOTE LOGON
IMPLEMENT TWO PROFILES FOR PASSWORD MANAGEMENT
CHANGE DEFAULT INSTALLATION PASSWORDS
RESTRICT ACCESS TO SQL TRACE FILES
REMOVE OPERATING SYSTEM TRUSTED REMOTE ROLES
LIMIT FILE SYSTEM ACCESS WITHIN PL/SQL
LIMIT DICTIONARY ACCESS
REVOKE UNNECCESSARY GRANTS GIVEN TO APPLSYSPUB
CONFIGURE THE DATABASE FOR AUDITING
AUDIT DATABASE CONNECTIONS
AUDIT DATABASE SCHEMA CHANGES
AUDIT OTHER ACTIVITIES
AUDIT ADMINISTRATORS AND THEIR ACTIONS
REVIEW AUDIT RECORDS
MAINTAIN AUDIT RECORDS
SECURE AUDIT RECORDS
Oracle Application Tier Security
REMOVE APPLICATION SERVER BANNER
REMOVE UNNECESSARY DIRECTIVES
TURN OFF DIRECTORY INDEXING
UNLOAD APACHE AUTOINDEX MODULE
PREVENT SEARCH ENGINE INDEXING
PROTECT ADMINISTRATIVE WEB PAGES
DISABLE TEST PAGES
CONFIGURE LOGGING
E-Business Suite Security
STRIKE PASSWORDS FROM ADPATCH LOGS
SET WORKFLOW NOTIFICATION MAILER SEND_ACCESS_KEY TO N
SET TOOLS ENVIRONMENT VARIABLES
USE SSL (HTTPS) BETWEEN BROWSER AND WEB SERVER
USE EXTERNAL WEBTIER IF EXPOSING ANY PART OF EBS TO THE INTERNET
USE TERMINAL SERVICES FOR CLIENT-SERVER PROGRAMS
CHANGE PASSWORDS FOR SEEDED APPLICATION USER ACCOUNTS
CONSIDER USING SINGLE-SIGN-ON
TIGHTEN LOGON AND SESSION PROFILE OPTIONS
CREATE NEW USER ACCOUNTS SAFELY
CREATE SHARED RESPONSIBILITIES INSTEAD OF SHARED ACCOUNTS
CONFIGURE CONCURRENT MANAGER FOR SAFE AUTHENTICATION
ACTIVATE SERVER SECURITY
REVIEW GUEST USER RESPONSIBILITIES
REVIEW USERS WITH ADMINISTRATIVE RESPONSIBILITIES
LIMIT ACCESS TO SECURITY RELATED FORMS
LIMIT ACCESS TO FORMS ALLOWING SQL ENTRY
SET OTHER SECURITY RELATED PROFILE OPTIONS
RESTRICT RESPONSIBILITIES BY WEB SERVER TRUST LEVEL
SET SIGN-ON AUDIT LEVEL
MONITOR SYSTEM ACTIVITY WITH OAM
RETRIEVE AUDIT RECORDS USING REPORTS
RETRIEVE AUDIT RECORDS USING SQL
PURGE AUDIT RECORDS
REVIEW DATA TRACKED (NO REPORTS AVAILABLE)
ADVANCED AUDIT
CONFIGURING AUDIT TRAIL
GENERATE AND IDENTIFY AUDIT TRAIL OBJECTS
CHOOSE TABLES TO AUDIT
REFERENCES ON E-BUSINESS SUITE AUDITING
Desktop Security
CONFIGURE BROWSER
UPDATE BROWSER
TURN OFF AUTOCOMPLETE IN INTERNET EXPLORER
SET POLICY FOR UNATTENDED PC SESSIONS
Operating Environment Security
CLEANUP FILE OWNERSHIP AND ACCESS
CLEANUP FILE PERMISSIONS
LOCKDOWN OPERATING SYSTEM LIBRARIES AND PROGRAMS
FILTER IP PACKETS
PREVENT SPOOFING
ELIMINATE TELNET CONNECTIONS
ELIMINATE FTP CONNECTIONS
VERIFY NETWORK CONFIGURATION
MONITOR FOR ATTACKS
CONFIGURE ACCOUNTS SECURELY
LIMIT ROOT ACCESS
MANAGE USER ACCOUNTS
DO NOT ALLOW GUEST ACCOUNTS
SECURE NFS
SECURE OPERATING SYSTEM DEVICES
SECURE EXECUTABLES
SECURE FILE ACCESS
MAINTENANCE
Extras for Experts
DETECT AND PREVENT DUPLICATE USER SESSIONS
CUSTOMIZE PASSWORD VALIDATION
ADVANCED SECURITY/NETWORKING OPTION (ASO/ANO)
CONFIGURE LISTENER ON A NON-DEFAULT TCP PORT
HARDENING EXTERNAL PROCEDURE (EXTPROC) SERVICES
EXTPROC LISTENER CONFIGURATION
EXTPROC TESTING PROCEDURE
Appendix A: Security Setup Forms
Appendix B: Security Setup Forms That Accept SQL Statement
Appendix C: Database Schemas Shipped with E-Business Suite
Appendix D: Processes Used by E-Business Suite
Appendix E: Ports Used by E-Business Suite
Appendix F: Sample Linux Hardening of the Application Tier
Appendix G: References & More Resources
0 of .
Results for:
No results containing your search query
P. 1
EBS_SEC_1_0_0[1]

EBS_SEC_1_0_0[1]

Ratings: (0)|Views: 2,707|Likes:
Published by a_jerald

More info:

Published by: a_jerald on Jun 16, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See More
See less

06/16/2011

pdf

text

original

You're Reading a Free Preview
Pages 4 to 53 are not shown in this preview.
You're Reading a Free Preview
Pages 57 to 68 are not shown in this preview.

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->