Pete Finnigan's Oracle Security Forum
        (http://www.petefinnigan.com/forum/yabb/YaBB.cgi)
      

        Oracle Security >> Oracle Security >> 10G - TNS Listener Security
        
(Message started by: Pete Finnigan on Jun 6th, 2006, 4:43pm)
Title: 10G - TNS Listener Security
Post by Pete Finnigan on Jun 6th, 2006, 4:43pm
Hey Guys,

As we all know, by default 10g TNS Listeners no longer reply to 'status' and 'services' commands which have been used in the past to enumerate the available SIDs on a server, this is all well and good  :).

Is there also a way of stopping the listener from replying to 'version' queries as well as this seems to be another form of information leakage ?

Thanks in advance

Andy
Title: Re: 10G - TNS Listener Security
Post by Pete Finnigan on Jun 6th, 2006, 7:43pm
Hi Andy,

You can consider firewall rules to prevent information leage from the listener

cheers

Pete


Powered by YaBB 1 Gold - SP 1.4!
Forum software copyright © 2000-2004 Yet another Bulletin Board