linux等保检查(linux等保三级)

linux部分

cat /etc/redhat-release

more /etc/shadow

more /etc/login.defs

more /etc/pam.d/system-auth

more /etc/profile

more /etc/ssh/sshd_config

ls -l /etc/passwd

more /etc/passwd

service rsyslog status

service auditd status

tail -20 /var/log/messages

netstat -ntlp

cat /etc/hosts.deny

cat /etc/hosts.allow

service --status-all | grep running

more /etc/sudo.conf

more /etc/selinux/config

ps -ef|grep auditd

ls -l /var/log

iptables -nv -L

oracle部分

SQL> conn / as sysdba
Connected.

select username,profile from dba_users;
select * from user_password_limits;
select * from user_resource_limits;
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_VERIFY_FUNCTION'; //是否启用口令复杂度函数
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'PASSWORD_LOCK_TIME'; //口令锁定时间的设置语句(值为unlimited表示没有限制)
select limit from dba_profiles where profile ='DEFAULT' and resource_name= 'FAILED_LOGIN_ATTEMPTS'; //登录失败尝试次数的限制(值为unlimited表示没有限制)
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'IDLE_TIME'; //查看空闲超时设置
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'SESSIONS_PER_USER'; //查看是否对每个用户所允许的并行会话数进行了限制
select limit from dba_profiles where profile= 'DEFAULT' and resource_name= 'CPU_PER_SESSION'; //查看是否对一个会话使用的CPU时间进行了限制
select username,account_status from dba_users; //查看是否存在多余过期的账户
show parameter audit; ---该命令可在PL/SQL Developer软件的命令窗口执行；
show parameter process; ---该命令可在PL/SQL Developer软件的命令窗口执行；
select count(*) from v$process;
select count(*) from v$session;
select count(*) from v$session where status='ACTIVE';
select * from dba_sa_user_labels;

sqlserver(windows)

select * from syslogins where password is null;
sp_configure;
select name from syslogins;
select name,password from syslogins;