Databases
cancel
Showing results for 
Search instead for 
Did you mean: 

lsnrctl - password? Will it break anything

SOLVED
Go to solution
Ratzie
Super Advisor

lsnrctl - password? Will it break anything

We are currently securing up our database. From a nessus report it mentions applying a password to the lsnrctl.

I have no problem doing this, but would like to know the ramifications of doing so?

What does this do?

What about the clients that connect etc.
7 REPLIES
Patti Johnson
Respected Contributor

Re: lsnrctl - password? Will it break anything

It will not effect the client connections, but it will add some to your administration. Any script that does a "lsnrctl stop" from the command line will have to change since you can not issue a stop without first doing a "set password" from lsnrctl.

Take a look at metalink Note:92602.1 for more details.

Patti
Joseph Loo
Honored Contributor

Re: lsnrctl - password? Will it break anything

hi,

no issue with it, only a security tightening to prevent unauthorized
access to your listener.

also, use encrypted password method in the script.

regards.
what you do not see does not mean you should not believe
Indira Aramandla
Honored Contributor

Re: lsnrctl - password? Will it break anything

Hi,

There should be no issues with your client connections if you apply a password to the lsnrctl.

Remember to apply the same to you scripts if any that start and stop the listener.



Indira A
Never give up, Keep Trying
Yogeeraj_1
Honored Contributor
Solution

Re: lsnrctl - password? Will it break anything

hi,

don't forget that now you will have to script the "supplying of the password" when starting the listener during the startup of your database.

if you need any further assistance, please let us know.

hope this helps too!

kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Steven E. Protter
Exalted Contributor

Re: lsnrctl - password? Will it break anything

Shalom,

It will break any scripts working with lsnrctl that do not have passwords hard coded or otherwise provided.

I think you can keep this secure with permissions. How many people really have the oracle password?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Eric Antunes
Honored Contributor

Re: lsnrctl - password? Will it break anything

Hi,

With interactive scripts, you need to add the following before "lsnrctl start/stop $listener_name" command:

...
lsnrctl set password
lsnrctl start $listener_name
...
...
lsnrctl set password
lsnrctl stop $listener_name

With batch scripts, I think you will need to hard code the pwd in the script...

Best Regards,

Eric Antunes
Each and every day is a good day to learn.
Florian Heigl (new acc)
Honored Contributor

Re: lsnrctl - password? Will it break anything

There is a real good document on securing the listener at the following URL
http://www.integrigy.com/info/Integrigy_OracleDB_Listener_Security.pdf

(even I did understand it *g*)
yesterday I stood at the edge. Today I'm one step ahead.