Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

oracle listener security best practice

Posted on 2014-02-14
5
Medium Priority
?
436 Views
Last Modified: 2014-02-20
are there any specific best practice recommendations for securing the oracle listener (for 10g and 11i), including how to check whether you are currently following the best practices or if there is work to do?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 77

Accepted Solution

by:
slightwv (䄆 Netminder) earned 1000 total points
ID: 39858830
You can password protect it:
http://docs.oracle.com/cd/E11882_01/network.112/e41945/listenercfg.htm#NETAG459

About the only other thing I can think of as far as security that involves the listener really isn't about the listener itself as much as protecting the database.  You can restrict what machines can connect to the database by ip address.
0
 
LVL 38

Assisted Solution

by:Geert Gruwez
Geert Gruwez earned 1000 total points
ID: 39858892
protection ... or the holes in it come mostly with using the defaults

i'll always remember a part of a film with navy seals having to go into a building
the door is locked with a very sophisticated lock
the navy seal enters the factory default password for that type of lock  ...
and guess what ...
the door opens !!!

try and use a different port than the standard 1521 port for the listener
0
 
LVL 3

Author Comment

by:pma111
ID: 39858954
so thats all there is to it, use a non default port and add a password?
0
 
LVL 38

Expert Comment

by:Geert Gruwez
ID: 39858979
why make it difficult ?
you still need to be able to get in
or the one coming after you
0
 
LVL 77

Expert Comment

by:slightwv (䄆 Netminder)
ID: 39859057
Just thought of another one.

There was a pretty obscure vulnerability a while back.  There is a new parameter:
ADMIN_RESTRICTIONS_listener_name

http://www.oracle.com/technetwork/topics/security/listener-alert-132737.pdf
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Cursors in Oracle: A cursor is used to process individual rows returned by database system for a query. In oracle every SQL statement executed by the oracle server has a private area. This area contains information about the SQL statement and the…
How to Unravel a Tricky Query Introduction If you browse through the Oracle zones or any of the other database-related zones you'll come across some complicated solutions and sometimes you'll just have to wonder how anyone came up with them.  …
This video shows information on the Oracle Data Dictionary, starting with the Oracle documentation, explaining the different types of Data Dictionary views available by group and permissions as well as giving examples on how to retrieve data from th…
This video shows how to configure and send email from and Oracle database using both UTL_SMTP and UTL_MAIL, as well as comparing UTL_SMTP to a manual SMTP conversation with a mail server.

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question