Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Listener security question

Re: Listener security question

From: Stephane Faroult <sfaroult_at_roughsea.com>
Date: Wed, 08 Mar 2006 12:03:27 +0100
Message-ID: <440EB9FF.9060502@roughsea.com>


John,

    In pre-Oracle 10 you can easily execute lsnrctl stat from another machine, and if you have guessed the good port, the listener tells you very obligingly what are the instances it is listening for, even if it is password-protected to prevent DOS attacks. IMHO SECURITY ON refers to the fact that this is no longer the case and that the listener keeps this information to itself. I would see it more like a 'we take security seriously' statement from Oracle than an on/off switch :-). My guess is that there is no SECURITY OFF but two species of SECURITY ON, the password-protected one, for which you can probably (I haven't tried) list the instances if you are allowed to start/stop the listener, and the password-less one, for which you have to be connected to the server from an account in the dba group to do anything - and list anything.

Stephane Faroult

John Dunn wrote:

>I notice under Oracle 10 when I run lsnrctl status I see
>
>SECURITY ON
>
>How is this set. Can I turn it off?
>
>
>John
>
>John Dunn
>Product Consultant
>Direct Dial +44 (0) 117 373 6122
>Sefas Innovation Ltd, CityPoint, Temple Gate, Bristol BS1 6PL, UK.
>Tel: +44(0) 117 373 6114
>Fax: +44 (0) 117 373 6115
>
>www.sefas.com
>
>
>
>--
>http://www.freelists.org/webpage/oracle-l
>
>
>
>
>

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Mar 08 2006 - 05:03:27 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US