Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Listener Passwords, who uses them and why?

Re: Listener Passwords, who uses them and why?

From: Pete Finnigan <plsql_at_peterfinnigan.demon.co.uk>
Date: Tue, 9 Aug 2005 15:09:58 +0100
Message-ID: <+8WjVtA2kL+CRxfN@peterfinnigan.demon.co.uk> 





Hi Terry,



Definitely set both. The listener passwords can be attacked, either
brute force or dictionary attacks. There are no failed login attempts
parameters for it either. 



I would advise setting both the listener password and ADMIN_RESTRICTIONS
_listenername - having the admin restrictions set means changes have to
be done locally



I am always sceptical about documentation that advises you to not set
security features.



cheers



Pete

-- 
Pete Finnigan (email:pete_at_petefinnigan.com)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle Security Forum: http://www.petefinnigan.com/forum/yabb/YaBB.cgi
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.


Received on Tue Aug 09 2005 - 09:09:58 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US