Re: Listener Vulnerabilities - how to address them

• From: ~Jeff~ <jifjif@xxxxxxxxx>
• To: oracle-l@xxxxxxxxxxxxx
• Date: Thu, 10 Apr 2008 17:24:23 +1200

2008/4/10 Tony Sequeira <tony@xxxxxxxxxxxxxxx>:
[snip]
>  Good point, but I believe the recommendation is that the password should
>  be encrypted in listener.ora file.

yes but curiously, the hashed password in the listener.ora also needs
to be protected.  Otherwise the hash can be read, without cracking it,
to admin the listener - this is the way my wrapper script works in
8-9i !!

setting the listener.ora to be 600 privs and oracle owned works ...
except where you have Oracle Apps and the listener is started by
applmgr (or similar).

We have this rolled out to all our pre-10g environments (hundreds) -
took ages :P

cheers-
Jeff
EDS NZ.
--
//www.freelists.org/webpage/oracle-l

• References:
  • Listener Vulnerabilities - how to address them
    • From: Tony Sequeira
  • RE: Listener Vulnerabilities - how to address them
    • From: Johnson, William L (TEIS)
  • RE: Listener Vulnerabilities - how to address them
    • From: Tony Sequeira

Other related posts:

• » Listener Vulnerabilities - how to address them
• » Re: Listener Vulnerabilities - how to address them
• » RE: Listener Vulnerabilities - how to address them
• » RE: Listener Vulnerabilities - how to address them
• » RE: Listener Vulnerabilities - how to address them
• » RE: Listener Vulnerabilities - how to address them
• » RE: Listener Vulnerabilities - how to address them
• » Re: Listener Vulnerabilities - how to address them

1. Home
2. oracle-l
3. Archive
4. 04-2008

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---