打开审计攻击
查看当前审计状态
sp_configure 'auditing'
打开审计
第一步、先初始化审计设备
disk init name = "auditdev", physname = "/opt/sybase/data/c2d0s4", size = "100M"
disk init name = "auditlogdev", physname = "/opt/sybase/data/c2d0s5", size = "200M"
create database sybsecurity on auditdev log on auditlogdev
第二步、执行审计安装脚本
docker exec -t sybase157 /bin/bash /sybase/isql -i"/opt/sybase/ASE-15_0/scripts/installsecurity"
第三步、打开审计
sp_configure 'auditing',1
第四步、重启
第五步、设置审计规则
sp_audit "update", "all", "table_name", "on"
sp_audit "insert", "all", "table_name", "on"
sp_audit "delete", "all", "table_name", "on"
sp_audit "truncate", "all", "master", "on"
sp_audit "drop", "all", "master", "on"
sp_audit "login", "all", "all", "fail"
sp_audit "security", "all", "all", "off"
sp_audit "login_admin", "all", "all", "on"
「真诚赞赏,手留余香」
Little Star Blog真诚赞赏,手留余香
使用微信扫描二维码完成支付
