Re: Listener security question

• From: Stephane Faroult <sfaroult@xxxxxxxxxxxx>
• To: jdunn@xxxxxxxxx
• Date: Wed, 08 Mar 2006 12:03:27 +0100

John,

In pre-Oracle 10 you can easily execute lsnrctl stat from another machine, and if you have guessed the good port, the listener tells you very obligingly what are the instances it is listening for, even if it is password-protected to prevent DOS attacks. IMHO SECURITY ON refers to the fact that this is no longer the case and that the listener keeps this information to itself. I would see it more like a 'we take security seriously' statement from Oracle than an on/off switch :-).
My guess is that there is no SECURITY OFF but two species of SECURITY ON, the password-protected one, for which you can probably (I haven't tried) list the instances if you are allowed to start/stop the listener, and the password-less one, for which you have to be connected to the server from an account in the dba group to do anything - and list anything.

Stephane Faroult

John Dunn wrote:

I notice under Oracle 10 when I run lsnrctl status I see

SECURITY ON

How is this set. Can I turn it off?

John

John Dunn
Product Consultant
Direct Dial +44 (0) 117 373 6122
Sefas Innovation Ltd, CityPoint, Temple Gate, Bristol BS1 6PL, UK.
Tel: +44(0) 117 373 6114
Fax: +44 (0) 117 373 6115

www.sefas.com

--
//www.freelists.org/webpage/oracle-l

--
//www.freelists.org/webpage/oracle-l

• References:
  • Listener security question
    • From: John Dunn

Other related posts:

• » Listener security question
• » Re: Listener security question

1. Home
2. oracle-l
3. Archive
4. 03-2006

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---