Cheat sheet and tricks for Oracle Linux and Oracle Exadata.
Oracle Exadata Components
- Oracle Database Servers
- Exadata Storage Server (storage cells)
- InfiniBand switch
- Ethernet switch: Cisco switch
- Power distribution units (PDUs)
- Oracle Integrated Lights Out Manager (ILOM) for Database server, Exadata Storage Server & InfiniBand
- Keyboard, video, mouse (KVM)
Oracle Linux Hardening
- https://www.oracle.com/technical-resources/articles/it-infrastructure/admin-secure-linux-env.html
- https://www.oracle.com/technical-resources/articles/it-infrastructure/admin-tips-harden-oracle-linux.html
💡 “brute.credfile” contains username/password pairs delimited by “/”. Use credentials-exadata.txt (GitHub). “dos2unix” command might be necessary after copy/pasting the list.
# Minimizing the Software Footprint
# Services
netstat -tulp
# Look for default passwords
nmap -sV -p 22 --script ssh-brute.nse --script-args brute.credfile=/root/credentials_exadata.txt $IPOracle Exadata Default Passwords
Default passwords: https://cirt.net/passwords?vendor=Oracle
💡 Use credentials-exadata.txt (GitHub).
# Database Server:
root/welcome1
oracle/welcome1
grid/welcome1
grub/sos1Exadata
# Exadata Storage Server:
root/welcome1
celladmin/welcome1
cellmonitor/welcome1
# InfiniBand switch:
root/welcome1
nm2user/changeme
# Ethernet switch:
admin/welcome1
# Power distribution units (PDUs):
admin/welcome1
root/welcome1
# Database server ILOMs:
root/welcome1
# Exadata Storage Server ILOMs:
root/welcome1
# InfiniBand ILOMs:
ilom-admin/ilom-admin
ilom-operator/ilom-operator
# Keyboard, video, mouse (KVM):
admin/welcome1
# Oracle Gateway
custadmin/installDefault SNMP community strings
public
private
exadataOther useful commands
# Version
cat /etc/oracle-release
# SSH config
cat /etc/ssh/sshd_config
# List Database instances
cat /etc/oratab
# Connect to DB instance
su - oracle
. oraenv
[DBNAME]
sqlplus / as sysdba
-- List database links
select * from dba_db_links ORDER BY 1;