Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Scanning the network for Oracle Instances

Re: Scanning the network for Oracle Instances

From: Joel Garry <joel-garry_at_home.com>
Date: 10 Sep 2004 14:45:43 -0700
Message-ID: <91884734.0409101345.54fd9f92@posting.google.com> 





Pete Finnigan <plsql_at_petefinnigan.com> wrote in message news:<RRh4uUBRVWQBRxVe_at_peterfinnigan.demon.co.uk>...


> In article <1094786749.852349_at_yasure>, Daniel Morgan

> <damorgan_at_x.washington.edu> writes

> >Latyr_Dev wrote:

> >

> >> Hi

> >> Is there a way to scan an entire network (LAN) to find which boxes have 

> >> Oracle instances running 

> >> If yes, will it be possible to identify what version they are.

> >> I came across some materials explaining how to perform this with SQL 

> >> Server

> >

> >Oracle version?

> >Operating system?

> >

> >My answer ... not if the network is properly configured. If you can do

> >it ... so can a cracker. So it is no surprise it can be done with

> >SQL Server as Windows has very weak security.

> Hi Daniel,

> 

> You are right about the network configuration. It may not be possible to

> find all hosts from one network location but if you are scanning your

> own company it should be possible to understand the network and scan

> from one place or multiple points to check all hosts. because you can do

> it internally doesn't mean an external hacker could do it. Employees are

> a different prospect though..:-) It can be done quite simply and there

> are a number of ways to do it. You are not searching for database though

> but listeners remember!. You can find listeners though and then query

> them to find out what services they support and then try and connect and

> see if the database is up. Some ideas:

> 




In addition, you can check each node for things that are common to
Oracle, and perhaps pick up down instances and those without
listeners.  Just poking around I've found forgotten instances (!) at
times.  The mind boggles.



Look for files named oracle, *.ora, dboraenv, lsnrctl, orainst,
system*.dbf, oraInventory* and so forth.  Version identification is,
um, version specific, and more difficult than one would suppose if you
get too choosy.  To find running instances, you can check process
names (oracle.exe on Win, ora_ on *nix) or shared memory with
appropriate tools.



jg

--
@home.com is bogus.
"Wax Bush" - tshirt worn by pretty young lady.


Received on Fri Sep 10 2004 - 16:45:43 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US