Simple Oracle Security Steps....
Interesting, many organisations don’t actually care looking at auditing an oracle database. I was recently reading a simple oracle auditing article which really gives us a quite a bit of over view from Oracle gurus. Below is the few Interesting things to look at Oracle database.
system / manager (this use can change sys's password)
sys / man (highest privileged account)
scott / tiger
alter all_user klx identified by asdfafds
grant dba to userid
grant connect to userid
identified by password (new user)
select username, password from sys.dba_users
select * from profile DEFAULT
alter profile default invalid_logins unlimited
audit connect on default whenever successful
audit connect on default whenever not successful
audit update on default whenever successful
delete * from sys.aud$
select owner, table_name from sys.dba_tables
Here is a nice link with tutorials on how to Secure Oracle. Decrypting Oracle toplink workbench passwords. Oracle Tools such as the decryption of the Oracle toplink mapping workbench password algorithm.