Auditing an Oracle database for security issues is very important. PeteFinnigan.com provides all of the information and tools that you will need Click here for details of PeteFinnigan.com Limited's detailed Oracle database security audit service Click here for details of PeteFinnigan.com Limited's Oracle Security Training Courses
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Welcome, Guest. Please Login.
Jan 20th, 2018, 3:17pm
News: Welcome to Pete Finnigan's Oracle security forum
Home | Help | Search | Members | Login
   Pete Finnigan's Oracle Security Forum
   Oracle Security
   Oracle Security
(Moderator: Pete Finnigan)
   password for listener still needed?
« Previous topic | Next topic »
Pages: 1  Reply | Notify of replies | Send Topic | Print
   Author  Topic: password for listener still needed?  (Read 7034 times)
isaez
PeteFinnigan.com Junior Member
**



Ivan

   
View Profile |

Gender: male
Posts: 76
password for listener still needed?
« on: Sep 22nd, 2005, 3:07pm »
Quote | Modify

Hi,
 
In 10g the listener is by default protected:
lsnrctl status
....
Security   ON: Local OS Authentication
...
 
This means that only oracle (and maybe other in the dba/oinstall group?) can stop/start the listener. In older oracle releases (7,8, and 9i) I allways use a password to protect the listener and so I did for my new 10gr2 installation and when I ask for the status of the listener I get:
...
Security   ON: Password or Local OS Authentication
...
 
But now I'm wondering if it is a good idea. If some other ordinary user  gets to know my listener password he/she can stop it by doing a 'set password' first. So my preliminary conclusion is that a listener without a password is safer! Is this true or am I missing something?
 
regards,
 
Ivan
IP Logged

regards,

Ivan
kornbrust
PeteFinnigan.com Newbie
*





   
View Profile |

Gender: male
Posts: 27
Re: password for listener still needed?
« Reply #1 on: Sep 22nd, 2005, 6:19pm »
Quote | Modify

Ivan
 
your assumption is correct. A 10g listener with password is less secure then a listener without password protection.
 
Setting a password in 10g allows every user with the listener password to administer the listener, see also
 
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_d atabase_id=NOT&p_id=260986.1
 
 
Regards
 
 Alexander
 
------
 
 
« Last Edit: Sep 17th, 2009, 5:15pm by Pete Finnigan » IP Logged
Pages: 1  Reply | Notify of replies | Send Topic | Print

« Previous topic | Next topic »

Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright 2000-2004 Yet another Bulletin Board