Welcome Guest ( Log In | Register )


 
 
 
 
 
 

 
 
Oracle 

Performance Tuning Reference poster
 
Oracle training in Linux 

commands
 
Oracle training Weblogic Book
 
Easy Oracle Jumpstart
 
Oracle training & performance tuning books
 
Burleson Consulting Remote DB Administration
 
 
 
Reply to this topicStart new topic
> Oracle Database TNS Listener Poison Attack Vulnerability, Oracle vulnerability
harishk
post Mar 15 2017, 10:33 AM
Post #1


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

This is regarding "Oracle Database TNS Listener Poison Attack Vulnerability" found in Oracle 10g & 11g databases.

I found a note of yours in below link. Does this apply to both Oracle versions? Could you please clarify?

  • http://www.dba-oracle.com/t_tns_poison_attack.htm



The database version affected are 10.2.0.4.0, 11.2.0.4.0.


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 15 2017, 03:18 PM
Post #2


Advanced Member
***

Group: Members
Posts: 13,571
Joined: 26-January 04
Member No.: 13



Hi Harish,

>> Does this apply to both Oracle versions?

You need to check with MOSC to see the releases that have this issue:

http://support.oracle.com




--------------------
Hope this helps . . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Mar 16 2017, 09:18 AM
Post #3


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Thanks for your suggestion.


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
harishk
post Mar 23 2017, 08:57 AM
Post #4


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Could you please answer the below questions?

Should we reload listener after setting the parameter dynamic_registration_listener=off in listener.ora file for Oracle 10g?
Also could you please confirm the parameter to set for Oracle 11g?


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 24 2017, 12:49 PM
Post #5


Advanced Member
***

Group: Members
Posts: 13,571
Joined: 26-January 04
Member No.: 13



Hi Harish,

Yes, I would bounce the listener.

See my notes here:

http://www.dba-oracle.com/t_tns_poison_attack.htm




--------------------
Hope this helps . . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Mar 28 2017, 03:44 AM
Post #6


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Thanks for your response.

QUOTE
Yes, I would bounce the listener.

But it is nowhere mentioned in the note that reload is required for listener after setting the parameter dynamic_registration_listener=off
Could you please clarify?

Also could you please confirm the parameter for Oracle 11g?




--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 28 2017, 11:44 AM
Post #7


Advanced Member
***

Group: Members
Posts: 13,571
Joined: 26-January 04
Member No.: 13



Hi Harish,

>> But it is nowhere mentioned in the note that reload is required

A listener restart will only effect new connections for a very brief time, a low risk operation.






--------------------
Hope this helps . . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Mar 29 2017, 05:42 AM
Post #8


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Could you also please confirm the parameter to be used for Oracle 11g?


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
harishk
post Mar 31 2017, 11:42 AM
Post #9


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Could you please confirm the parameter for oracle 11g?



--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 31 2017, 01:32 PM
Post #10


Advanced Member
***

Group: Members
Posts: 13,571
Joined: 26-January 04
Member No.: 13



Hi Harish,

From 11g docs:

https://docs.oracle.com/cd/B28359_01/networ...er.htm#NETRF331




--------------------
Hope this helps . . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Apr 4 2017, 06:47 AM
Post #11


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Thanks for the link.

But we have added the parameter VALID_NODE_CHECKING_REGISTRATION_<listener-name>=ON in listener.ora file for Oracle 11g database.
and reloaded the listener.

Could you please confirm if this is the right parameter to add for Oracle 11g database?


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Apr 4 2017, 01:43 PM
Post #12


Advanced Member
***

Group: Members
Posts: 13,571
Joined: 26-January 04
Member No.: 13



Hi,

11g docs:

https://docs.oracle.com/cd/E11882_01/networ...er.htm#NETRF008




--------------------
Hope this helps . . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Apr 5 2017, 11:40 AM
Post #13


Advanced Member
***

Group: Members
Posts: 244
Joined: 8-September 14
Member No.: 49,938



Thanks Burleson


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

Lo-Fi Version Time is now: 20th October 2017 - 02:09 AM