Hi all,
Seeking assistance with implementing Symantec System Lockdown on a Windows 2012 R2 server that runs Oracle Database 11g Enterprise release 11.2.0.4.0 64 bit edition.
Whitelist listening mode produces below calling application and target and hash value as an example. This happens for all the oracle calling processes on the server
D:\oracle\product\11.2.0\dbhome_1\BIN\tnsping D:\oracle\product\11.2.0\dbhome_1\perl\bin\perl.exe Target MD5=00000000000000000000000000000000
Appending the above as a whitelist item does not whitelist the application. Listening mode logs the item as an unapproved application.
Adding a whitelist hash for perl.exe also does not work. Listening mode in lockdown logs the same result.
Have tried putting in an File Name exception of D:\Oracle\* but this does not work either
Thanks and regards.