Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Listener Passwords, who uses them and why?

Re: Listener Passwords, who uses them and why?

From: Pete Finnigan <plsql_at_peterfinnigan.demon.co.uk>
Date: Tue, 9 Aug 2005 15:09:58 +0100
Message-ID: <+8WjVtA2kL+CRxfN@peterfinnigan.demon.co.uk>


Hi Terry,

Definitely set both. The listener passwords can be attacked, either brute force or dictionary attacks. There are no failed login attempts parameters for it either.

I would advise setting both the listener password and ADMIN_RESTRICTIONS _listenername - having the admin restrictions set means changes have to be done locally

I am always sceptical about documentation that advises you to not set security features.

cheers

Pete

-- 
Pete Finnigan (email:pete_at_petefinnigan.com)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle Security Forum: http://www.petefinnigan.com/forum/yabb/YaBB.cgi
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.
Received on Tue Aug 09 2005 - 09:09:58 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US