Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Oracle rootkit

Re: Oracle rootkit

From: Paul Drake <bdbafh_at_gmail.com>
Date: Thu, 26 Jan 2006 12:30:42 -0500
Message-ID: <910046b40601260930u6959227ahddaf3467cac54c1b@mail.gmail.com>


On 1/26/06, Jared Still <jkstill_at_gmail.com> wrote:
>
>
>
> On 1/25/06, MacGregor, Ian A. <ian_at_slac.stanford.edu> wrote:
> >
> >
> > On a related topic, Oracle sometimes decides to startua second listener
> > on the same port; there by causing denial of service.
>
>
>
> If you mean the server does this automatically, can you explain? I'm not
> familiar with that.
>
> Under Oracle 9i and before the password only provided protection against
> > shutting down the listener, not starting it up.
> >
>
> IIRC you can shut down the listener remotely, but need to be on the server
> to start it.
> This applies to unix and linux.
>
> On windows, anyone with admin access can remotely stop/start the listener
> through the Services applet.
>
>
> --
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
>
>
>

Jared,

I've seen a second listener started up on the same port, hosing both listener proceses.
RHEL 3 AS, Oracle 10g R1 Standard Edition, 10.1.0.4. It was not determined how a 2nd listener process was started on the server.

Paul

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Jan 26 2006 - 11:30:42 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US