Oracle 参数 SEC_PROTOCOL_ERROR_FURTHER_ACTION 官方解释,作用,如何配置最优化建议
本站中文解释
SEC_PROTOCOL_ERROR_FURTHER_ACTION参数用于指定Oracle特定的安全组件拒绝连接时的处理方式,属于用户的安全认证和审核的一部分。
SEC_PROTOCOL_ERROR_FURTHER_ACTION允许的值仅有四种:
(1)FAILED_LOGIN_ATTEMPTS:如果登录失败次数超过固定值,那么连接将会被拒绝;
(2)CHANGE_USERNAME_PASSWORD:如果用户名或密码不正确,连接将会被拒绝,要求用户更改用户名或密码;
(3)LOCK_ACCOUNT:如果用户名或密码不正确,连接将会被拒绝,并自动锁定用户帐号;
(4)DROP:如果用户名或密码不正确,连接将会被拒绝,并直接关闭连接。
正确设置SEC_PROTOCOL_ERROR_FURTHER_ACTION参数的方法:
(1)第一步,在SQL*Plus命令行中输入“show parameter SEC_PROTOCOL_ERROR_FURTHER_ACTION”,查看当前的SEC_PROTOCOL_ERROR_FURTHER_ACTION参数的值;
(2)第二步,根据实际需要调整SEC_PROTOCOL_ERROR_FURTHER_ACTION参数,可以使用“alter system set SEC_PROTOCOL_ERROR_FURTHER_ACTION=value immediate”命令;
(3)第三步,使用“show parameter SEC_PROTOCOL_ERROR_FURTHER_ACTION”命令查看SEC_PROTOCOL_ERROR_FURTHER_ACTION参数是否已经成功设置。
以上就是有关Oracle参数SEC_PROTOCOL_ERROR_FURTHER_ACTION的详细说明及其正确设置方法的介绍。
官方英文解释
SEC_PROTOCOL_ERROR_FURTHER_ACTION
specifies the further execution of a server process when receiving bad packets from a possibly malicious client.
Property | Description |
---|---|
Parameter type |
String |
Syntax |
|
Default value |
|
Modifiable |
|
Modifiable in a PDB |
No |
Basic |
No |
Values
-
CONTINUE
The server process continues execution. The database server may be subject to a Denial of Service (DoS) if bad packets continue to be sent by a malicious client.
-
(DELAY,
integer
)
The client experiences a delay of integer seconds before the server process accepts the next request from the same client connection. Malicious clients are prevented from excessive consumption of server resources while legitimate clients experience a degradation in performance but can continue to function.
-
(DROP,
integer
)
The server forcefully terminates the client connection after integer cumulative bad packets. The server protects itself at the expense of the client (for example, a client transaction may be lost). The client may reconnect and attempt the same operation.
See Also:
Oracle Database Security
Guide for examples of using this parameter