[Previous entry: "JHeadstart has some new features slated for the next release"] [Next entry: "42 security bugs found in Oracle's Metalink database - Some serious!"]
A new short paper on Alex's site - How to change XMLDB Ports
May 28th, 2005 by Pete
Post to del.icio.us
Post to Furl
I saw a new paper on Alex's site the other day titled "Change XMLDB Ports" that explains how to change the default port numbers for HTTP and FTP in XMLDB. The paper is short and sweet and includes example PL/SQL code to change the port numbers. I have a simple paper on my site that shows a different way to disable the ports completely. This paper is called "How to Stop / shutdown the ftp and http ports (2100 and 8080) on 91R2". Alex's paper does not allude to the fact that his code can also be used to disable the ports completely as well. This can be done by setting the port numbers to 0 (zero) in each PL/SQL call. The ports are enabled by default and should be disabled if the functionality is not needed. There are exploit codes published to attack these ports. There is also a Roby Sherman paper on the same subject. There is a link to it on my Oracle security white papers page - search on Roby with CRTL-F in the page.
