Solved

oracle listener security best practice

Posted on 2014-02-14
5
410 Views
Last Modified: 2014-02-20
are there any specific best practice recommendations for securing the oracle listener (for 10g and 11i), including how to check whether you are currently following the best practices or if there is work to do?
0
Comment
Question by:pma111
  • 2
  • 2
5 Comments
 
LVL 76

Accepted Solution

by:
slightwv (䄆 Netminder) earned 250 total points
ID: 39858830
You can password protect it:
http://docs.oracle.com/cd/E11882_01/network.112/e41945/listenercfg.htm#NETAG459

About the only other thing I can think of as far as security that involves the listener really isn't about the listener itself as much as protecting the database.  You can restrict what machines can connect to the database by ip address.
0
 
LVL 36

Assisted Solution

by:Geert Gruwez
Geert Gruwez earned 250 total points
ID: 39858892
protection ... or the holes in it come mostly with using the defaults

i'll always remember a part of a film with navy seals having to go into a building
the door is locked with a very sophisticated lock
the navy seal enters the factory default password for that type of lock  ...
and guess what ...
the door opens !!!

try and use a different port than the standard 1521 port for the listener
0
 
LVL 3

Author Comment

by:pma111
ID: 39858954
so thats all there is to it, use a non default port and add a password?
0
 
LVL 36

Expert Comment

by:Geert Gruwez
ID: 39858979
why make it difficult ?
you still need to be able to get in
or the one coming after you
0
 
LVL 76

Expert Comment

by:slightwv (䄆 Netminder)
ID: 39859057
Just thought of another one.

There was a pretty obscure vulnerability a while back.  There is a new parameter:
ADMIN_RESTRICTIONS_listener_name

http://www.oracle.com/technetwork/topics/security/listener-alert-132737.pdf
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Suggested Solutions

I remember the day when someone asked me to create a user for an application developement. The user should be able to create views and materialized views and, so, I used the following syntax: (CODE) This way, I guessed, I would ensure that use…
Configuring and using Oracle Database Gateway for ODBC Introduction First, a brief summary of what a Database Gateway is.  A Gateway is a set of driver agents and configurations that allow an Oracle database to communicate with other platforms…
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This video shows how to Export data from an Oracle database using the Datapump Export Utility.  The corresponding Datapump Import utility is also discussed and demonstrated.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now