Security Audit Configuration

System Catalog Access Restriction to General Account

Risk Analysis

System Catalog, which contains metadata about the database management and statistics, and database information can be accessed through a general account.

Risk Impact

System catalog information of database may be exposed.

Solution

Restrict access to system catalog with meta data of database, allowing access to certain DBAs only.

The following is the way to revoke privilege from the public.

REVOKE <privilege> ON <system catalog object> FROM PUBLIC;

Network Access Control

Risk Analysis

DBMS information may be exposed from a remote server.

Risk Impact

Data may be exposed to an unauthorized IP address user.

Solution

Define the following parameters in the $TB_SID.tip file to specify allowed and restricted IP addresses for access.

LSNR_INVITED_IP
LSNR_DENIED_IP
LSNR_INVITED_IP_FILE
LSNR_DENIED_IP_FILE

The following is an example of LSNR_INVITED_IP registration.

LSNR_INVITED_IP="192.168.20.0/24;192.168.10.101"

If registered as described above, the following will be shown in the $TB_HOME/instance/$TB_SID/log/lsnr/trace_list.log file.

*** listener started and got into main loop ***
[INVITED-IP] 192.168.20.0 / 255.255.255.0
[INVITED-IP] 192.168.10.101 / 255.255.255.255

The following is an example of LSNR_INVITED_IP_FILE registration.

LSNR_INVITED_IP_FILE="/home/tibero/tibero7/invited.list"

After registering as described above, create a list of allowed IP addresses in the file (invited.list) specified in the LSNR_INVITED_IP_FILE.

# WAS_JEUS
192.168.22.20
192.168.44.10
### END OF FILE ###

DB Link Encryption Setting Check

Risk Analysis

DB Link is a Tibero object that defines the connection settings for accessing another database over a network from a client or the current database. If the DB Link between the client and database is not encrypted, sensitive information such as passwords may be exposed when accessing a remote server.

Risk Impact

Malicious users may expose passwords through network attacks like sniffing.

Solution

Not applicable as Tibero encrypts the remote server password when setting up DB Link.

Audit Trail Recording Setting

Risk Analysis

By enabling audit settings, statements, privileges, and objects accessed by users can be audited. Audit records can be used for precise analysis in the event of a infringement accident or system failure.

Risk Impact

Cause of infringement incidents or failures become difficult to identify.

Solution

To enable auditing, set the value of 'AUDIT_TRAIL' in TIP file to one of the following { NONE | DB | DB_EXTENDED | OS }.

The following is an example of setting in the $TB_HOME/config/$TB_SID.tip file.

#AUDIT Setting
AUDIT_TRAIL=OS
AUDIT_SYS_OPERATIONS=Y
AUDIT_FILE_DEST=/tibero/tbdata/audit/

Audit Log File Access Control

Risk Analysis

Sensitive server information may be exposed if audit logs can be read or written by other users.

Risk Impact

Unauthorized users may tamper with or expose the audit log files.

Solution

Set the directory permissions for the path specified in AUDIT_FILE_DEST to 750 or 700 or lower.

AUDIT_FILE_DEST에 설정된 경로의 디렉터리 권한을 750 또는 700 이하로 설정합니다.