Re: Question re security

From: Adric Norris <landstander668_at_gmail.com>
Date: Fri, 17 Jan 2014 10:39:43 -0600
Message-ID: <CAJueESoss_QkE4-H1ezp7E0y0-DPKL7TuVZAddgJ3HQ4Qs+S8Q_at_mail.gmail.com>

On Fri, Jan 17, 2014 at 12:59 AM, Nuno Souto <dbvision_at_iinet.net.au> wrote:

> 1521 is the default Oracle listener port since the deluge. Using that
> port is
> an open avenue for any hacker worth his/her salt to run a sniffer in a
> Linux node to get all Oracle pwds.
> First thing I do in any site I run is change the port to something else -
> which is NOT disclosed other than through tnsnames.
> Uh-huh, not with this mob. 1521 is "the recommended port" and that is
> what must be used.
> REALLY?
>

I'm not saying this isn't a valid opinion, and I've certainly seen it expressed numerous times, but it only takes about 3 seconds for nmap (or similar utilities) to identify the changed port. This might provide a small amount of protection, against the fire-and-forget script kiddies, but is unlikely to deter a motivated attacker in the slightest.

Enabling network encryption, on the other hand, can provide quite a bit of protection against network sniffing.

--
http://www.freelists.org/webpage/oracle-l

Received on Fri Jan 17 2014 - 17:39:43 CET

This message: [ Message body ]
Next message: Andy Klock: "Re: Question re security"
Previous message: Job Miller: "Re: Question re security"
In reply to: Nuno Souto: "Re: Question re security"
Next in thread: Andy Klock: "Re: Question re security"
Reply: Andy Klock: "Re: Question re security"
Reply: Hans Forbrich: "Re: Question re security"
Reply: Nuno Souto: "Re: Question re security"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message