STIGQter: STIG Summary: Oracle Database 11.2g Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

The DBMS must protect against or limit the effects of the organization-defined types of Denial of Service (DoS) attacks.

DISA Rule

SV-238477r667605_rule

Vulnerability Number

V-238477

Group Title

SRG-APP-000001-DB-000031

Rule Version

O112-C2-019100

Severity

CAT II

CCI(s)

• CCI-000054 - The information system limits the number of concurrent sessions for each organization-defined account and/or account type to an organization-defined number of sessions.

Weight

10

Fix Recommendation

Implement measures to limit the effects of organization-defined types of Denial of Service attacks.

Modify the $ORACLE_HOME/network/admin/listener.ora to establish a Rate Limit.

Check Contents

Review DBMS settings to verify the DBMS implements measures to limit the effects of the organization-defined types of Denial of Service (DoS) attacks. If measures have not been implemented, this is a finding.

Check the $ORACLE_HOME/network/admin/listener.ora to see if a Rate Limit has been established. A rate limit is used to prevent denial of service (DOS) attacks on a database or to control a login storm such as may be caused by an application server reboot.
- - - - -
Example of a listener configuration with rate limiting in effect:

CONNECTION_RATE_LISTENER=10

LISTENER=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)(RATE_LIMIT=yes))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1522)(RATE_LIMIT=yes))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1526))
)
LISTENER=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)(RATE_LIMIT=8))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1522)(RATE_LIMIT=12))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1526))
)

Vulnerability Number

V-238477

Documentable

False

Rule Version

O112-C2-019100

Severity Override Guidance

Review DBMS settings to verify the DBMS implements measures to limit the effects of the organization-defined types of Denial of Service (DoS) attacks. If measures have not been implemented, this is a finding.

Check the $ORACLE_HOME/network/admin/listener.ora to see if a Rate Limit has been established. A rate limit is used to prevent denial of service (DOS) attacks on a database or to control a login storm such as may be caused by an application server reboot.
- - - - -
Example of a listener configuration with rate limiting in effect:

CONNECTION_RATE_LISTENER=10

LISTENER=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)(RATE_LIMIT=yes))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1522)(RATE_LIMIT=yes))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1526))
)
LISTENER=
(ADDRESS_LIST=
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521)(RATE_LIMIT=8))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1522)(RATE_LIMIT=12))
(ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1526))
)

Check Content Reference

M

Target Key

4057

Comments