Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Listener password encryption

RE: Listener password encryption

From: Reidy, Ron <Ron.Reidy_at_arraybiopharma.com>
Date: Thu, 16 Feb 2006 18:47:03 -0700
Message-ID: <7209E76DACFED9469D4F5169F9880C7A9BD0@mail01bldr.arraybp.com> 





I disagree completely on this.  Setting the password can help to prevent
a DNS attack on the listener.  Of course, to know if the listener is
being attacked, you should have logging turned on and some kind of
process (swatch) watching the log file for invalid passwords (maybe a
brute force attack).



But hey, don't just take my word for it, read what Pete Finnigan says
about it:


http://www.google.com/custom?q=listener&sa=Google+Search&cof=S%3Ahttp%3A
%2F%2Fwww.petefinnigan.com%3BGL%3A0%3BAH%3Aleft%3BLH%3A70%3BL%3Ahttp%3A%
2F%2Fwww.petefinnigan.com%2Fimages%2Fcompany_logo_1.gif%3BLW%3A736%3BAWF
ID%3A4f683a6e994ed451%3B&domains=www.petefinnigan.com&sitesearch=www.pet
efinnigan.com



-----Original Message-----


From: oracle-l-bounce_at_freelists.org


[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Greg Norris
Sent: Thursday, February 16, 2006 12:03 PM
To: oracle-l_at_freelists.org


Subject: Re: Listener password encryption




I wouldn't even bother using an encrypted password, unless of course
this is being done to satisfy some (clueless) auditor's checklist. 
The way Oracle handles encrypted listener passwords, they're absolutely
no more secure than the cleartext counterpart... in fact, one could
easily argue that they're slightly *less* secure.



On 2/16/06, J. Dex <cemail_219_at_hotmail.com> wrote:


> I am trying to save an encrypted password for the listener and 

> although it responds that the command was completed successsfully, it 

> isn't turning on security and doesn't seem to be working.  Any ideas? 

> This is Oracle 9207 on a Windows 2003 server.  This is what I am 

> doing:

>

> LSNRCTL>set save_config_on_stop on

> LSNRCTL>set password password_name

>

> My understanding is that security in "status" should be set to on and 

> I should see some comments at the bottom of the listener file, but I 

> am not seeing those.



--
"I'm too sexy for my code." - Awk Sed Fred.
--
http://www.freelists.org/webpage/oracle-l



This electronic message transmission is a PRIVATE communication which contains
information which may be confidential or privileged. The information is intended 
to be for the use of the individual or entity named above. If you are not the 
intended recipient, please be aware that any disclosure, copying, distribution 
or use of the contents of this information is prohibited. Please notify the
sender  of the delivery error by replying to this message, or notify us by
telephone (877-633-2436, ext. 0), and then delete it from your system.

--
http://www.freelists.org/webpage/oracle-l


Received on Thu Feb 16 2006 - 19:47:03 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US