数据库管理系统检查命令清单.doc

数据库管理系统测评检查命令 Oracle 数据库 命令 说明 Oracle数据库管理系统测评检查命令 数据库检查时主要使用select只读查看命令，主要查看用户情况、安全策略配置文件、日志等。 cat /$ORACLE_HOME/rdbms/admin/utlpwdmg.sql cat /$ORACLE_HOME/network/admin/sqlnet.ora select * from v$version; select username,account_status from dba_users; select resource_name,limit from dba_profiles where profile='DEFAULT'; select granted_role from dba_role_privs where grantee='PUBLIC'; show parameter O7_DICTIONARY_ACCESSIBILITY; show parameter audit  show parameter audit_sys_operations; show parameter audit_trail; select * from dba_stmt_audit_opts; select grantee from dba_tab_privs where table_name='AUD$' and grantee not in ('DELETE_CATALOG_ROLE') and grantee not in (select grantee from dba_role_privs where granted_role='DBA'); select resource_name,limit from dba_profiles where profile='DEFAULT' and resource_type='KERNEL'; select username,profile from dba_users; select * from dba_role_privs where granted_role= 'DBA'; select * from V_$PWFILE_USERS; archive log list; show parameter log_archive_dest; select * from role_sys_privs; select * from dba_sys_privs select policy_name,status from dba_sa_policies; select * from sys.aud$ where ROWNUM<5; SELECT name,password FROM user$ WHERE name='SYS'; select name from v$database; select instance_name from v$instance; Mysql Mysql数据管理系统测评检查命令 数据库检查时主要使用select只读查看命令，主要查看用户情况、安全策略配置文件、日志等（连接数据库：mysql –uusername –ppassword show databases；use mysql；） cat my.ini select user(); select host,user,password from mysql.user; show global variables like "%timeout%"; show variables like '%skip_networking%'; show variables like 'log_%'; show variables; select * from mysql.user; select version(); netstat -lnpt | grep 3306 cat .mysql_history cat /etc/f SELECT DISTINCT CONCAT('User: ''',user,'''@''',host,''';') AS query FROM mysql.user; show grants for username@'hostname'; SELECT * FROM db