Oracle Use Cases

Oracle authentication records are used for authenticated scanning of Oracle database instances. It's possible to scan multiple Oracle instances on the same host and port.

 

Create a separate Oracle record for each of the Oracle instances you want to scan

In the Oracle record tell us the Oracle System ID (SID) for the database you want to authenticate to, and supply login credentials. The use cases below describe various configuration options.

 

 

Tell me about restricted ports

For non-authenticated vulnerability scans (without Oracle authentication enabled), we will attempt to connect to each port the Oracle instance is detected on in order to gather system information. In this case, there is no way to prevent restricted ports from being scanned. If Oracle is detected on Port 1521 and Port 1527, then we will scan both ports.