Appendix E: Sample Linux Hardening of the Application Tier for BestPractices4SecuringOracleEbusinessSuite

Best Practices for SecuringOracle E-Business Suite

Oracle Corporation

Version 3.0.1

ii

Best Practices for Securing Oracle E-Business Suite

Latest version of this document available under Metalink Note 189367.1.

Revision History

VersionRelease DateDescriptions

1.2May 2002Version 1.2 of the Best Practices for Security E-Business Suite.2.0May 2003Update for new features.2.1Jan 2004Minor Edits.3.0Dec 2004Major Rewrite, new sections, expanded advice, focus on 11.5.9 and above.Copyright © 2002, 2003, 2004, Oracle. All rights reserved.Primary Authors: Andy Philips, Ashok SubramanianContributors: David Kerr, George Buzsaki, Erik Graversen, Deepak Louis, Rajiv Muthyala, Remi Aimsupha-nimit, Emily Nordhagen.Excerpts of documents [IntA, IntB] reproduced with permission from Integrigy Corporation.This document is provided for informational purposes only and the information herein is subject to changewithout notice. Please report any errors herein to Oracle Corporation by filing a documentation bug againstproduct code 510, component SEC_COMP. Oracle Corporation does not provide any warranties covering andspecifically disclaims any liability in connection with this document.Oracle is a registered trademark.Oracle Corporation World Headquarters500 Oracle ParkwayRedwood Shores, CA 94065U.S.A.Worldwide Inquiries:650.506.7000Fax 650.506.7200Worldwide Support:http://www.oracle.com/support

Table of Contents

iii

Overview ..............................................................................................................................................................1

System Wide Advice 2

Oracle TNS Listener Security...............................................................................................................................3

Hardening 3Network 3Authentication 4Authorization 5Audit 5

Oracle Database Security......................................................................................................................................7

Hardening 7Authentication 7Authorization 9Audit 10

Oracle Application Tier Security........................................................................................................................13

Hardening 13Authorization 15Audit 18

E-Business Suite Security...................................................................................................................................19

Hardening 19Network 20Authentication 21Authorization 24Audit 26Advanced Audit 28

Desktop Security.................................................................................................................................................31

Hardening 31

Operating Environment Security........................................................................................................................33

Hardening 33Network 34Authentication 35Authorization 36Maintenance 36

Extras for Experts...............................................................................................................................................39

Detect and Prevent Duplicate User Sessions 39Customize Password Validation 39Advanced Security/Networking Option (ASO/ANO) 39Configure Listener on a Non-Default

.dbc

Port 40Multi-Node Topology 40Hardening External Procedure (EXTPROC) Services 40

Appendix A: Security Setup Forms....................................................................................................................45Appendix B: Security Setup Forms That Accept SQL Statement......................................................................47Appendix C: Processes Used by E-Business Suite.............................................................................................49Appendix D: Ports Used by E-Business Suite....................................................................................................51Appendix E: Sample Linux Hardening of the Application Tier.........................................................................53Appendix F: References & More Resources......................................................................................................57

Category:	How-To Guides/Manuals
Rating:
Upload Date:	09/11/2011
Copyright:	Attribution Non-commercial
Tags:	No tags

Appendix E: Sample Linux Hardening of the Application Tier for BestPractices4SecuringOracleEbusinessSuite

Sections

Info and Rating

Download and print this document

Choose a format to download in

Choose a format to download in

Download and print this document

Choose a format to download in

Appendix E: Sample Linux Hardening of the Application Tier for BestPractices4SecuringOracleEbusinessSuite

Sections

Info and Rating

Download and print this document

Choose a format to download in

Choose a format to download in

Download and print this document

Choose a format to download in

Other login options

Why Sign Up?

Login Successful

Sign Up Successful