Solved

DB2 Audit Program

Posted on 2012-08-12
Last Modified: 2013-12-07
I need to audit a DB2 database. Are there any audit checklists and data request lists (SQL for getting data from the IT Department) out there?
I tried to search on the web, and I only found this:
http://www.ibm.com/developerworks/data/library/techarticle/dm-0607wasserman/index.html

But I have no idea where those settings reside (i.e. which table or file).

Hope someone can help!
Question by:mawingho
7 Comments
 
LVL 37

Expert Comment

by:momi_sabag
ID: 38286260
I did not understand what the question is.
0
 

Author Comment

by:mawingho
ID: 38286265
Are there any audit checklists for DB2?
0
 
LVL 37

Expert Comment

by:momi_sabag
ID: 38286276
There is no predefined checklist.
Each customer should create his own checklist according to his own needs.
0

 
LVL 27

Expert Comment

by:tliotta
ID: 38290532
What do you want an audit to find out?

Tom
0
 

Author Comment

by:mawingho
ID: 38290639
Security setting
0
 
LVL 3

Accepted Solution

by:
pma111 earned 2000 total points
ID: 38295623
Not sure for DB2, but DoD have a good generic checklist for any DB, and then a user/DBA manual for DB2 could be used to see how to check each area for that specific technology:


http://iase.disa.mil/stigs/app_security/database/general.html

Some other links:

https://www.owasp.org/index.php/OWASP_Backend_Security_Project_DB2_Hardening
http://benchmarks.cisecurity.org/en-us/?route=community.maintainers.groups.db2
https://benchmarks.cisecurity.org/tools2/db2/CIS_IBM_DB2_Benchmark_v1.2.0.pdf

Also many plugins on tools like Nessus/OpenVAS for DB2:


ID | Name | Family
10871 | DB2 Multiple CGI Single Byte Request Remote DoS | Databases
11859 | Default Password (ibmdb2) for 'db2inst1' Account | Default Unix Accounts
11860 | Default Password (db2fenc1) for 'db2fenc1' Account | Default Unix Accounts
11861 | Default Password (ibmdb2) for 'db2fenc1' Account | Default Unix Accounts
11862 | Default Password (db2inst) for 'db2inst1' Account | Default Unix Accounts
11863 | Default Password (ibmdb2) for 'db2as' Account | Default Unix Accounts
11864 | Default Password (db2as) for 'db2as' Account | Default Unix Accounts
11896 | DB2 Discovery Service Malformed UDP Packet Remote DoS | Databases
15486 | DB2 < 8 Fix Pack 7a Multiple Vulnerabilities | Databases
18912 | FreeBSD : mozilla -- heap overflow in NNTP handler (3fbf9db2-658b-11d9-abad-000a95bc6fae) | FreeBSD Local Security Checks
21383 | FreeBSD : gaim -- AIM/ICQ non-UTF-8 filename crash (09db2844-0b21-11da-bc08-0001020eed82) | FreeBSD Local Security Checks
22016 | DB2 Administration Server Detection | Databases
22017 | DB2 Discovery Service Detection | Databases
22416 | DB2 Connection Port Detection | Databases
22417 | DB2 Interrupt Port Detection | Databases
22447 | DB2 JDBC Applet Server Detection | Databases
23935 | DB2 < 8.1 FixPak 12 EXCSAT Long MGRLVLLS Message Remote DoS | Databases
23936 | DB2 < 8.1 FixPak 13 CONNECT Processing Unspecified DoS | Databases
23937 | DB2 < 8.1 FixPak 14 Multiple Vulnerabilities | Databases
24699 | DB2 < 9 Fix Pack 2 Multiple Vulnerabilities | Databases
25905 | DB2 < 9 Fix Pack 3 / 8 FixPak 15 Multiple Vulnerabilities | Databases
28227 | DB2 < 9 Fix Pack 4 Multiple Vulnerabilities | Databases
29292 | GLSA-200712-05 : PEAR::MDB2: Information disclosure | Gentoo Local Security Checks
30153 | DB2 < 8.1 FixPak 16 Multiple Vulnerabilities | Databases
33128 | DB2 < 9 Fix Pack 5 Multiple Vulnerabilities | Databases
33763 | DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities | Databases
33852 | Default Password (db2admin) for 'db2admin' Account on Windows | Databases
34056 | DB2 9.5 < Fix Pack 2 Multiple Vulnerabilities | Databases
34195 | DB2 8 < Fix Pack 17 Multiple Vulnerabilities | Databases
34475 | DB2 9.1 < Fix Pack 6 Multiple Vulnerabilities | Databases
36216 | DB2 9.1 < Fix Pack 7 Multiple Vulnerabilities | Databases
39007 | DB2 < 9.5 Fix Pack 4 Multiple Vulnerabilities | Databases
40662 | DB2 8.1 < Fix Pack 18 Multiple Vulnerabilities | Databases
42044 | DB2 9.1 < Fix Pack 8 Multiple Vulnerabilities | Databases
43172 | DB2 9.5 < Fix Pack 5 Unspecified Vulnerabilities | Databases
46173 | DB2 9.1 < Fix Pack 9 Multiple Vulnerabilities | Databases
46766 | DB2 9.7 < Fix Pack 2 Multiple Vulnerabilities | Databases
47901 | IBM Tivoli Directory Server ldapinst.log DB2 Admin Password Disclosure | Windows
49120 | DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities | Databases
50451 | DB2 9.7 < Fix Pack 3 Multiple Vulnerabilities | Databases
51840 | DB2 9.1 < Fix Pack 10 Multiple Vulnerabilities | Databases
51841 | DB2 9.5 < Fix Pack 7 Multiple Vulnerabilities | Databases
53547 | DB2 9.7 < Fix Pack 4 Multiple Vulnerabilities | Databases
55690 | DB2 Unsupported Version Detection | Databases
56928 | DB2 9.7 < Fix Pack 5 Multiple Denial of Service Vulnerabilities | Databases
58293 | DB2 9.5 < Fix Pack 9 Multiple Vulnerabilities | Databases
59644 | DB2 9.1 < Fix Pack 11 Multiple Denial of Service Vulnerabilities | Databases
59904 | DB2 9.7 < Fix Pack 6 Multiple Vulnerabilities | Databases
59905 | DB2 9.8 < Fix Pack 5 Multiple Vulnerabilities | Databases
60098 | DB2 9.1 < Fix Pack 12 Multiple Vulnerabilities | Databases
0
 