2010-12-20

Problems with a new feature in 11g: failed login delay

Oracle Database 11g has a new 'feature' related to hacking prevention:
Logon Delays:
A hacker may attempt a brute force hack to break into your Oracle Database. In this case they try constant logons to the database using some form of a word list. Oracle 11g includes a logon delay that takes effect after the third failed password entry attempt. This makes the brute force hacking more difficult. After the third failed logon attempt, Oracle will incrementally delay subsequent logon or password prompts up to a maximum of 10 seconds. No delay will occur if the logon is successful.

BUT there is a problem/bug until Oracle Database version 11.2.0.2 (or 11.1.0.7.5, not yet released). You can hit this bug and experience high library cache contention when the same database has both users connecting with good passwords and users connecting with bad passwords:

A hang problem can occur when many concurrent logins to the same user 
account are taking place, and some are with the wrong password.
Symptom is that this account no longer accepts any login, but other
accounts still allow login.
 
 bug 9720182
Versions confirmed as being affected
 Waits for "row cache lock"
 
Rediscovery Notes:
 Hang during login. 
 A Systemstate will show an X request blocking in this short stack, 
 because of an S wait ahead of it and another S behind it on the request 
 queue:
  sskgpwwait()<-ksliwat()<-kslwaitctx()<-kqrigt()<-kqrLockAndPinPo()
   <-kqrpre1()<-kqrpre()<-kziavua()<-kpolnb()<-kpoauth()<-opiodr()
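
To check whether an instance is in the situation described above (one account receiving a mix of good and bad passwords while logins wait on "row cache lock"), the following queries can be run as a DBA. This is an added example, not part of the original post or of Oracle's bug note; it assumes session auditing is enabled (AUDIT SESSION with audit_trail=DB) so that logon attempts appear in DBA_AUDIT_TRAIL, and the 15-minute window, the threshold of 10 failures and the bind name :account are arbitrary choices.

```sql
-- Added example. Assumes AUDIT SESSION is enabled and audit_trail=DB.
-- Window (15 minutes) and threshold (10 failures) are arbitrary; tune them.

-- 1. Accounts that received both failed (ORA-01017) and successful logons
--    recently: the mix of good and bad passwords that triggers the problem.
SELECT username,
       SUM(CASE WHEN returncode = 1017 THEN 1 ELSE 0 END) AS failed_logons,
       SUM(CASE WHEN returncode = 0    THEN 1 ELSE 0 END) AS good_logons,
       COUNT(DISTINCT CASE WHEN returncode = 1017 THEN userhost END) AS failing_hosts
FROM   dba_audit_trail
WHERE  action_name = 'LOGON'
AND    timestamp  >= SYSDATE - 15/1440
GROUP  BY username
HAVING SUM(CASE WHEN returncode = 1017 THEN 1 ELSE 0 END) >= 10
AND    SUM(CASE WHEN returncode = 0    THEN 1 ELSE 0 END) >= 1
ORDER  BY failed_logons DESC;

-- 2. For one such account, which clients are sending the wrong password
--    (often an application server or job with a stale stored password).
SELECT userhost, os_username, terminal,
       COUNT(*)       AS failed_logons,
       MIN(timestamp) AS first_seen,
       MAX(timestamp) AS last_seen
FROM   dba_audit_trail
WHERE  action_name = 'LOGON'
AND    returncode  = 1017
AND    username    = :account
AND    timestamp  >= SYSDATE - 15/1440
GROUP  BY userhost, os_username, terminal
ORDER  BY failed_logons DESC;

-- 3. Sessions currently waiting on "row cache lock". For this event P1 is
--    the dictionary cache id, resolved here to its name via V$ROWCACHE.
SELECT s.sid, s.machine, s.program, s.seconds_in_wait,
       r.parameter AS row_cache
FROM   v$session s
LEFT   JOIN (SELECT DISTINCT cache#, parameter
             FROM   v$rowcache
             WHERE  type = 'PARENT') r
       ON r.cache# = s.p1
WHERE  s.event = 'row cache lock'
AND    s.state = 'WAITING'
ORDER  BY s.seconds_in_wait DESC;
```

If query 1 returns an account while query 3 shows waiters piling up, fixing or blocking the client identified by query 2 removes the source of the failed logins.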
