The other day Ivan posted a useful script on a thread on my Oracle security forum. The thread is titled "Detecting brute forcing listener password" and in it Ivan describes and presents a simple Perl script that can be used to detect possible brute force attempts against the listener password. The script sits there spinning and every minute it checks for any new TNS-01169 error messages and emails the person set up as the alert recipient.
Itís not a bad first attempt at a brute force detector for the listener, as Ivan says it can be improved easily in many ways. Please feel free to improve it and let us all know on the same thread.