Re: lsnrctl passwords

From: Niall Litchfield <niall.litchfield_at_gmail.com>
Date: Tue, 15 Apr 2008 12:52:48 +0100
Message-ID: <7765c8970804150452t4617bb8bo9622d034821c6909@mail.gmail.com>


Not entirely sure that I buy the second example but the first is definitely your major concern. Insiders are nearly always the problem

On 14/04/2008, Jared Still <jkstill_at_gmail.com> wrote:
> On Fri, Apr 11, 2008 at 9:00 AM, Blanchard William <
> William.Blanchard_at_kohler.com> wrote:
>
> > Wouldn't they need access to your network in order to access the
> > listener? I know that you can set up a similar entry in a listener.ora and
> > remotely access the listener (I did this to prove it) but I was behind the
> > firewall. I tried from home but wasn't able to access the listener using
> the
> > same technique.
> >
>
> Malicious users can exist inside the network.
>
> AKA employees
>
> This can also happen accidentally, say a DBA copies a listener.ora to his PC
> for
> modification, forgets to modify it, then stops the listener.
>
> Oops.
>
> --
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist
>

-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info
--
http://www.freelists.org/webpage/oracle-l
Received on Tue Apr 15 2008 - 06:52:48 CDT

Original text of this message