- SEC_CASE_SENSITIVE_LOGON TRUE in 11GR1 , 11GR2, DEPRECATED IN 12C
- SEC_MAX_FAILED_LOGIN_ATTEMPTS default 11GR1,11GR2=10, 12c=3
- SEC_PROTOCOL_ERROR_FURTHER_ACTION default is CONTINUE in 11GR1, 11GR2, drop, 3 in 12c
- SEC_PROTOCOL_ERROR_TRACE_ACTION default is TRACE 11GR1,11GR2, 12c
- SEC_RETURN_SERVER_RELEASE_BANNER default is FALSE in 11GR1, 11GR2, TRUE in 12c
The one application that I know does not support case sensitive passwords is EBS R12.1.1 but there is a patch (12964564) if you wish to upgrade to 12c (or even continue to run at 11GR1) .
From 12c the default has changed to DROP, 3. This means drop the connection after 3 bad packets have arrived from a client. Which sounds good as potentially a trace file will not become too big. However there is nothing stopping a client attempting many such connections, all with bad packets, which could potentially cause a DoS, not by using all your processes, but by filling your log area.
With this change of default I think it is even more important to know when connections are being dropped by the SEC_PROTOCOL_ERROR_TRACE_ACTION parameter and that is why I would suggest setting SEC_PROTOCOL_ERROR_FURTHER_ACTION to CONTINUE