Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Hashattack - Oracle password tool update to version 2.0"] [Next entry: "Prime number researchers put encryption algorithms such as RSA at risk"]

New TNS protocol full client available for testing listener security



A new tool is available that can be used to test an Oracle listener. It is called "Oracle TNSLSNR Full Client" and has been provided by DokFLeed. It is written in C and is free and supports the following commands:

"ping , version , service , status change_password, help, reload, save_config, set connect_timout set display_mode, set log_directory , set log_file , set log_status , show , spawn stop"

The tool also supports full packet crafting (if you know what you are doing) and is based on the previous work by James Abendschan. The protocol has changed in 10g so this tool will be accompanied by a 10g version soon.

I have of course updated my Oracle Security tools page to include this tool.