Overview

This document explains how to check each DB vulnerability diagnosis item.

This document is and diagnosis items were prepared based on customer inquiries.

 

Account Manager

 

List of accounts (User account management to block unauthorized access)

How to check

SELECT USER_NAME FROM SYSTEM_.SYS_USERS_;

 

How to manage

If there is an unnecessary account in the database user output result, check the DBA or application manager and remove it.

-- Delete user
DROP USER user_name ;

-- Delete the user and all objects created by the user
DROP USER user_name CASCADE;


Using weak password (change default account and password)

How to check

The default password for the user created when ALTIBASE HDB is installed is as follows.

USER

PASSWORD

SYS

MANAGER

ALTITEST

ALTITEST

Connect to the database and check whether to use the default password.

iSQL> CONNECT SYS/MANAGER;
Connect success.

How to manage

If access is possible with the default password, change the password of the user after checking the association with the application.

iSQL> ALTER USER user1 IDENTIFIED BY password1234$;
Alter success.

To know how to change the SYS user password, refer to the "How to change the sys user password' page.