Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: How to stop XDB

Re: How to stop XDB

From: Pete Finnigan <oracle_list_at_peterfinnigan.demon.co.uk>
Date: Thu, 27 Nov 2003 03:19:25 -0800
Message-ID: <F001.005D8044.20031127031925@fatcity.com> 





Hi 



Oracle 9ir2 default install comes with two additional ports (8080 and
2100) from the OSE integrated stack in the database. These are a
security risk if you do not actually need them and control them as
anyone with a browser can attempt to break into your database. You can
see them with "lsnrctl status" command or via enterprise manager.



The best way to get rid of them is to alter the init.ora file and remove
the line that reads



dispatcher=(PROTOCOL=TCP) (SERVICE=orat92XDB)



If you use spfile then copy to init.ora first, stop and start db with
init.ora and copy back to spfile. eg:



Create pfile='/path/initSID.ora' from 


Spfile='/path/spfileSID.ora'; 



Change initSID.ora 


Delete old spfile 



Create spfile='/path/spfileSID.ora' from  
Pfile='/path/initSID.ora'; 



Also Roby Sherman has a paper on xdb port nightmares with some other
solutions to removing these ports and changing the port numbers a link
to it is here http://www.petefinnigan.com/orasec.htm it is at the end of
the page.



hth



kind regards



Pete


-- 



Pete Finnigan


email:pete_at_petefinnigan.com


Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.



-- 



Please see the official ORACLE-L FAQ: http://www.orafaq.net


-- 



Author: Pete Finnigan


  INET: oracle_list_at_peterfinnigan.demon.co.uk


Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------


To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Thu Nov 27 2003 - 05:19:25 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US