[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 440
  • Last Modified:

oracle listener security best practice

are there any specific best practice recommendations for securing the oracle listener (for 10g and 11i), including how to check whether you are currently following the best practices or if there is work to do?
0
pma111
Asked:
pma111
  • 2
  • 2
2 Solutions
 
slightwv (䄆 Netminder) Commented:
You can password protect it:
http://docs.oracle.com/cd/E11882_01/network.112/e41945/listenercfg.htm#NETAG459

About the only other thing I can think of as far as security that involves the listener really isn't about the listener itself as much as protecting the database.  You can restrict what machines can connect to the database by ip address.
0
 
Geert GruwezOracle dbaCommented:
protection ... or the holes in it come mostly with using the defaults

i'll always remember a part of a film with navy seals having to go into a building
the door is locked with a very sophisticated lock
the navy seal enters the factory default password for that type of lock  ...
and guess what ...
the door opens !!!

try and use a different port than the standard 1521 port for the listener
0
 
pma111Author Commented:
so thats all there is to it, use a non default port and add a password?
0
 
Geert GruwezOracle dbaCommented:
why make it difficult ?
you still need to be able to get in
or the one coming after you
0
 
slightwv (䄆 Netminder) Commented:
Just thought of another one.

There was a pretty obscure vulnerability a while back.  There is a new parameter:
ADMIN_RESTRICTIONS_listener_name

http://www.oracle.com/technetwork/topics/security/listener-alert-132737.pdf
0

Featured Post

Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now