*http://www.petefinnigan.com/ramblings/set_listener_password.htm <http://www.petefinnigan.com/ramblings/set_listener_password.htm>*
*Setting an encrypted Oracle listener password* Anyway as I said this is not the best way to secure your listener. It should be done with an encrypted password as follows: C:\oracle\ora90\network\admin>lsnrctl LSNRCTL for 32-bit Windows: Version 9.2.0.1.0 - Production on 24-FEB-2004 11:27: 55 Copyright (c) 1991, 2002, Oracle Corporation. All rights reserved. Welcome to LSNRCTL, type "help" for information. LSNRCTL> set current_listener listener Current Listener is listener LSNRCTL> change_password Old password: New password: Reenter new password: Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC0))) Password changed for listener The command completed successfully LSNRCTL> set password Password: The command completed successfully LSNRCTL> save_config Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC0))) Saved LISTENER configuration parameters. Listener Parameter File C:\oracle\ora90\network\admin\listener.ora Old Parameter File C:\oracle\ora90\network\admin\listener.bak The command completed successfully LSNRCTL> You must save the configuration after setting the password otherwise it will be lost. Also you can check what was generated by looking in the listener.ora file. This is what was generated from the above commands: #----ADDED BY TNSLSNR 24-FEB-2004 11:29:18--- PASSWORDS_LISTENER = F0354118688257FB #-------------------------------------------- Em ter, 29 de mar de 2016 às 10:52, angelo angelolis...@gmail.com [oracle_br] <oracle_br@yahoogrupos.com.br> escreveu: > > > Pô mas essa senha fica solta no arquivo e em txt ? > > não tão segura porque o invasor pode resolver tentar invadir o servidor de > uma vez... > > > Solution > Protect your TNS Listener with a password and ADMIN_RESTRICTIONS in the > listener.ora > > > > 2016-03-29 10:45 GMT-03:00 Vitor Junior vitorj...@gmail.com [oracle_br] < > oracle_br@yahoogrupos.com.br>: > > Sim, é possível, antigo e bem comum! :) >> >> >> http://www.red-database-security.com/exploits/oracle-exploit-stop-tns_listener.html >> >> >> >> >> Em ter, 29 de mar de 2016 às 10:40, 'Ednilson Silva' >> ednilson.si...@jbs.com.br [oracle_br] <oracle_br@yahoogrupos.com.br> >> escreveu: >> >>> >>> >>> Pessoal, >>> >>> Recebi uma solicitação de nossa auditoria para implementar uma senha >>> para o tnslsnr para que o serviço não seja parado remotamente. >>> >>> Existe a possibilidade de parar o listener remotamente, sem ter acesso >>> ao servidor? Como ? >>> >>> >>> >>> Pesquisando vi que dá para colocar uma senha no serviço, mas nunca ouvi >>> falar disso. >>> >>> >>> >>> Grato >>> >>> Ednilson Silva >>> >>> -- >> > Att,/Regards, >> >> >> Vitor Jr. >> Infraestrutura / Infrastructure Team >> >> Oracle 12c DBA Certified Professional - OCP 12c >> Oracle 11g DBA Certified Professional - OCP 11g >> Oracle Certified Expert, Oracle Real Application Clusters 11g and Grid >> Infrastructure Administrator - OCE >> Oracle Database 11g Performance Tuning Certified Expert - OCE >> Oracle Exadata 11g Certified Implementation Specialist >> Oracle Certified Associate, MySQL 5 >> mail, gtalk e msn: vitorj...@gmail.com >> http://certificacaobd.com.br/ >> skype: vjunior1981 >> https://mybizcard.co/vitor.jr.385628 >> >> > > -- Att,/Regards, Vitor Jr. Infraestrutura / Infrastructure Team Oracle 12c DBA Certified Professional - OCP 12c Oracle 11g DBA Certified Professional - OCP 11g Oracle Certified Expert, Oracle Real Application Clusters 11g and Grid Infrastructure Administrator - OCE Oracle Database 11g Performance Tuning Certified Expert - OCE Oracle Exadata 11g Certified Implementation Specialist Oracle Certified Associate, MySQL 5 mail, gtalk e msn: vitorj...@gmail.com http://certificacaobd.com.br/ skype: vjunior1981 https://mybizcard.co/vitor.jr.385628