Welcome Guest ( Log In | Register )


 
 
 
 
 
 

 
 
Oracle 

Performance Tuning Reference poster
 
Oracle training in Linux 

commands
 
Oracle training Weblogic Book
 
Easy Oracle Jumpstart
 
Oracle training & performance tuning books
 
Burleson Consulting Remote DB Administration
 
 
 
Reply to this topicStart new topic
> Oracle Database TNS Listener Poison Attack Vulnerability, Oracle vulnerability
harishk
post Mar 15 2017, 10:33 AM
Post #1


Advanced Member
***

Group: Members
Posts: 233
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

This is regarding "Oracle Database TNS Listener Poison Attack Vulnerability" found in Oracle 10g & 11g databases.

I found a note of yours in below link. Does this apply to both Oracle versions? Could you please clarify?

  • http://www.dba-oracle.com/t_tns_poison_attack.htm



The database version affected are 10.2.0.4.0, 11.2.0.4.0.


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 15 2017, 03:18 PM
Post #2


Advanced Member
***

Group: Members
Posts: 13,335
Joined: 26-January 04
Member No.: 13



Hi Harish,

>> Does this apply to both Oracle versions?

You need to check with MOSC to see the releases that have this issue:

http://support.oracle.com




--------------------
Hope this helps. . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post
harishk
post Mar 16 2017, 09:18 AM
Post #3


Advanced Member
***

Group: Members
Posts: 233
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Thanks for your suggestion.


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
harishk
post Mar 23 2017, 08:57 AM
Post #4


Advanced Member
***

Group: Members
Posts: 233
Joined: 8-September 14
Member No.: 49,938



Hi Burleson,

Could you please answer the below questions?

Should we reload listener after setting the parameter dynamic_registration_listener=off in listener.ora file for Oracle 10g?
Also could you please confirm the parameter to set for Oracle 11g?


--------------------
Regards,
Harishk
Go to the top of the page
 
+Quote Post
burleson
post Mar 24 2017, 12:49 PM
Post #5


Advanced Member
***

Group: Members
Posts: 13,335
Joined: 26-January 04
Member No.: 13



Hi Harish,

Yes, I would bounce the listener.

See my notes here:

http://www.dba-oracle.com/t_tns_poison_attack.htm




--------------------
Hope this helps. . .

Donald K. Burleson
Oracle Press author
Author of Oracle Tuning: The Definitive Reference
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 

Lo-Fi Version Time is now: 26th March 2017 - 06:00 AM