Red-Database-Security GmbH is specialized in Oracle SecurityProductsRepscan 2.5 Hedgehog Enterprise Checkpwd (free)
Services
Information
Company |
Oracle Exploit stop TNS Listener via lsnrctl
Details If a TNS listener is not password protected everybody can stop the TNS listener (Denial of Service) by sending a STOP command to the TNS listener. This can be done with the lsnrctl command, the tnscmd perl script or via tnsnames.ora. Even if your TNS listener is protected by a firewall and only accessible via HTTP (e.g. from an application server) it is possible to shutdown the listener,e .g. via iSQLPlus or Oracle Forms, Oracle Reports ... Solution Protect your TNS Listener with a password and ADMIN_RESTRICTIONS in the listener.ora Example -- use the IP addess of the database server lsnrctl stop 192.22.33.44 Patch Information No patch required. Protect your TNS Listener. © 2005 by Red-Database-Security GmbH - last update 02-nov-2005 |
Hardening TNS-Listener
|