Re: Listener password encryption
- From: "Niall Litchfield" <niall.litchfield@xxxxxxxxx>
- To: spikey.mcmarbles@xxxxxxxxx
- Date: Fri, 17 Feb 2006 09:49:18 +0000
That is what lies behind the change in 10.1 I think to limit the listener to
within the control of an OS account that is a member of the DBA group.
Obviously everyone restricts membership of this group and all users in it
have strong and secure passwords....
Niall
On 2/16/06, Greg Norris <spikey.mcmarbles@xxxxxxxxx> wrote:
>
> I wouldn't even bother using an encrypted password, unless of course
> this is being done to satisfy some (clueless) auditor's checklist.
> The way Oracle handles encrypted listener passwords, they're
> absolutely no more secure than the cleartext counterpart... in fact,
> one could easily argue that they're slightly *less* secure.
>
> On 2/16/06, J. Dex <cemail_219@xxxxxxxxxxx> wrote:
> > I am trying to save an encrypted password for the listener and although
> it
> > responds that the command was completed successsfully, it isn't turning
> on
> > security and doesn't seem to be working. Any ideas?
> > This is Oracle 9207 on a Windows 2003 server. This is what I am doing:
> >
> > LSNRCTL>set save_config_on_stop on
> > LSNRCTL>set password password_name
> >
> > My understanding is that security in "status" should be set to on and I
> > should see some comments at the bottom of the listener file, but I am
> not
> > seeing those.
>
> --
> "I'm too sexy for my code." - Awk Sed Fred.
> --
> //www.freelists.org/webpage/oracle-l
>
>
>
--
Niall Litchfield
Oracle DBA
http://www.orawin.info
Other related posts:
