STIGQter: STIG Summary: Oracle Database 11g Instance STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:

The Oracle OS_AUTHENT_PREFIX parameter should be changed from the default value of OPS$.

DISA Rule

SV-24902r2_rule

Vulnerability Number

V-2531

Group Title

Oracle OS_AUTHENT_PREFIX parameter

Rule Version

DO3447-ORACLE11

Severity

CAT III

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Specify an operating system authenticated username prefix other than OPS$.

From SQL*Plus:

alter system set os_authent_prefix = [prefix value] scope = spfile;

Compliant selections for [prefix value] are:
a null string ('')
a text value other than 'OPS$'

The above SQL*Plus command will set the parameter to take effect at next system startup.

Check Contents

From SQL*Plus:

select value from v$parameter where name = 'os_authent_prefix';

If the value returned is OPS$ or ops$, this is a Finding.

Vulnerability Number

V-2531

Documentable

False

Rule Version

DO3447-ORACLE11

Severity Override Guidance

From SQL*Plus:

select value from v$parameter where name = 'os_authent_prefix';

If the value returned is OPS$ or ops$, this is a Finding.

The Oracle OS_AUTHENT_PREFIX parameter should be changed from the default value of OPS$.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Responsibility

Target Key

Comments