Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "More security help in 10g R2"] [Next entry: "more failed_login_attempts!"]

More details on default failed_login_attempts

Alex has just told me that every user in 10G R2 has the default profile with a failed_login_attempts value of 10 except the DBSNMP user which has a new profile called MONITORING_PROFILE with a default value of UNLIMITED for failed_login_attempts. This means that DBSNMP is a bigger security risk as a brute force attack using actual connect attempts would not be blocked by this feature.