Pages

Thursday, June 18, 2015

Oracle Database files to be excluded in Anti-virus or any third party tools scan





Oracle Database files that needed to be excluded in Anti-virus scan or any third party tools scan:


If you do not exclude these files, there is maximum chance that your oracle files will be held into lock, while the scan is happening and oracle might have access on them when this scan happens and it might lead to i/o exceptions. In fact this is applicable to any Database system.
This might also lead to chances where your Database system might crash.


Always exclude these files :

Data files   Data files generally have a *.dbf extension
Example :

....\oracle\oradata\*.dbf

Redo files   Redo files have a *.log extension

NOTE: Redo logs will exist if the Oracle Development toolkit or backup and recovery are used)  
Example :

....\oracle\Inventory\logs\*.log

Control files   Control files have a *.ctl extension
Example :

....\oracle\oradata\*.ctl

YOU CAN GET THE PATHS FROM BELOW QUERIES :

select name from v$datafile;
select name from v$tempfile;
select member from v$logfile;
show parameter control_files;
show parameter log_archive_dest;
show log_archive_format;


Note : If you are writing audit files to server then exclude *.aud:

show parameter audit

IMPORTANT:  

Most Anti-virus companies does not advise excluding entire directories (such as the Oracle database directory and sub directories) from scanning as this poses a potential high security risk. Additionally you should not exclude any temp files or folders as these can be a target for security risks.

References :

McAfee :

https://kc.mcafee.com/corporate/index?page=content&id=KB54817

Norton :

https://support.symantec.com/en_US/article.TECH134383.html

No comments :

Post a Comment