*http://www.petefinnigan.com/ramblings/set_listener_password.htm
<http://www.petefinnigan.com/ramblings/set_listener_password.htm>*
*Setting an encrypted Oracle listener password*
Anyway as I said this is not the best way to secure your listener. It
should be done with an encrypted password as follows:
C:\oracle\ora90\network\admin>lsnrctl
LSNRCTL for 32-bit Windows: Version 9.2.0.1.0 - Production on
24-FEB-2004 11:27:
55
Copyright (c) 1991, 2002, Oracle Corporation. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener listener
Current Listener is listener
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC0)))
Password changed for listener
The command completed successfully
LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC0)))
Saved LISTENER configuration parameters.
Listener Parameter File C:\oracle\ora90\network\admin\listener.ora
Old Parameter File C:\oracle\ora90\network\admin\listener.bak
The command completed successfully
LSNRCTL>
You must save the configuration after setting the password otherwise it
will be lost. Also you can check what was generated by looking in the
listener.ora file. This is what was generated from the above commands:
#----ADDED BY TNSLSNR 24-FEB-2004 11:29:18---
PASSWORDS_LISTENER = F0354118688257FB
#--------------------------------------------
Em ter, 29 de mar de 2016 às 10:52, angelo angelolis...@gmail.com
[oracle_br] <oracle_br@yahoogrupos.com.br> escreveu:
>
>
> Pô mas essa senha fica solta no arquivo e em txt ?
>
> não tão segura porque o invasor pode resolver tentar invadir o servidor de
> uma vez...
>
>
> Solution
> Protect your TNS Listener with a password and ADMIN_RESTRICTIONS in the
> listener.ora
>
>
>
> 2016-03-29 10:45 GMT-03:00 Vitor Junior vitorj...@gmail.com [oracle_br] <
> oracle_br@yahoogrupos.com.br>:
>
> Sim, é possível, antigo e bem comum! :)
>>
>>
>> http://www.red-database-security.com/exploits/oracle-exploit-stop-tns_listener.html
>>
>>
>>
>>
>> Em ter, 29 de mar de 2016 às 10:40, 'Ednilson Silva'
>> ednilson.si...@jbs.com.br [oracle_br] <oracle_br@yahoogrupos.com.br>
>> escreveu:
>>
>>>
>>>
>>> Pessoal,
>>>
>>> Recebi uma solicitação de nossa auditoria para implementar uma senha
>>> para o tnslsnr para que o serviço não seja parado remotamente.
>>>
>>> Existe a possibilidade de parar o listener remotamente, sem ter acesso
>>> ao servidor? Como ?
>>>
>>>
>>>
>>> Pesquisando vi que dá para colocar uma senha no serviço, mas nunca ouvi
>>> falar disso.
>>>
>>>
>>>
>>> Grato
>>>
>>> Ednilson Silva
>>>
>>> --
>>
> Att,/Regards,
>>
>>
>> Vitor Jr.
>> Infraestrutura / Infrastructure Team
>>
>> Oracle 12c DBA Certified Professional - OCP 12c
>> Oracle 11g DBA Certified Professional - OCP 11g
>> Oracle Certified Expert, Oracle Real Application Clusters 11g and Grid
>> Infrastructure Administrator - OCE
>> Oracle Database 11g Performance Tuning Certified Expert - OCE
>> Oracle Exadata 11g Certified Implementation Specialist
>> Oracle Certified Associate, MySQL 5
>> mail, gtalk e msn: vitorj...@gmail.com
>> http://certificacaobd.com.br/
>> skype: vjunior1981
>> https://mybizcard.co/vitor.jr.385628
>>
>>
>
>
--
Att,/Regards,
Vitor Jr.
Infraestrutura / Infrastructure Team
Oracle 12c DBA Certified Professional - OCP 12c
Oracle 11g DBA Certified Professional - OCP 11g
Oracle Certified Expert, Oracle Real Application Clusters 11g and Grid
Infrastructure Administrator - OCE
Oracle Database 11g Performance Tuning Certified Expert - OCE
Oracle Exadata 11g Certified Implementation Specialist
Oracle Certified Associate, MySQL 5
mail, gtalk e msn: vitorj...@gmail.com
http://certificacaobd.com.br/
skype: vjunior1981
https://mybizcard.co/vitor.jr.385628
