HPE Community
Operating System - HP-UX
1753645 Members
6339 Online
108798 Solutions
New Discussion юеВ

Re: lsnrctl - password? Will it break anything

 
SOLVED
Go to solution
Ratzie
Super Advisor

тАО01-18-2006 08:30 AM

тАО01-18-2006 08:30 AM

lsnrctl - password? Will it break anything

We are currently securing up our database. From a nessus report it mentions applying a password to the lsnrctl.

I have no problem doing this, but would like to know the ramifications of doing so?

What does this do?

What about the clients that connect etc.
0 Kudos
Reply
7 REPLIES 7
Patti Johnson
Respected Contributor

тАО01-18-2006 09:07 AM

тАО01-18-2006 09:07 AM

Re: lsnrctl - password? Will it break anything

It will not effect the client connections, but it will add some to your administration. Any script that does a "lsnrctl stop" from the command line will have to change since you can not issue a stop without first doing a "set password" from lsnrctl.

Take a look at metalink Note:92602.1 for more details.

Patti
0 Kudos
Reply
Joseph Loo
Honored Contributor

тАО01-18-2006 12:39 PM

тАО01-18-2006 12:39 PM

Re: lsnrctl - password? Will it break anything

hi,

no issue with it, only a security tightening to prevent unauthorized
access to your listener.

also, use encrypted password method in the script.

regards.
what you do not see does not mean you should not believe
0 Kudos
Reply
Indira Aramandla
Honored Contributor

тАО01-18-2006 02:33 PM

тАО01-18-2006 02:33 PM

Re: lsnrctl - password? Will it break anything

Hi,

There should be no issues with your client connections if you apply a password to the lsnrctl.

Remember to apply the same to you scripts if any that start and stop the listener.



Indira A
Never give up, Keep Trying
Reply
Yogeeraj_1
Honored Contributor

тАО01-18-2006 04:49 PM

тАО01-18-2006 04:49 PM

Solution

Re: lsnrctl - password? Will it break anything

hi,

don't forget that now you will have to script the "supplying of the password" when starting the listener during the startup of your database.

if you need any further assistance, please let us know.

hope this helps too!

kind regards
yogeeraj
No person was ever honoured for what he received. Honour has been the reward for what he gave (clavin coolidge)
Reply
Steven E. Protter
Exalted Contributor

тАО01-18-2006 05:22 PM

тАО01-18-2006 05:22 PM

Re: lsnrctl - password? Will it break anything

Shalom,

It will break any scripts working with lsnrctl that do not have passwords hard coded or otherwise provided.

I think you can keep this secure with permissions. How many people really have the oracle password?

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Eric Antunes
Honored Contributor

тАО01-18-2006 09:25 PM

тАО01-18-2006 09:25 PM

Re: lsnrctl - password? Will it break anything

Hi,

With interactive scripts, you need to add the following before "lsnrctl start/stop $listener_name" command:

...
lsnrctl set password
lsnrctl start $listener_name
...
...
lsnrctl set password
lsnrctl stop $listener_name

With batch scripts, I think you will need to hard code the pwd in the script...

Best Regards,

Eric Antunes
Each and every day is a good day to learn.
Reply
Florian Heigl (new acc)
Honored Contributor

тАО01-19-2006 02:38 AM

тАО01-19-2006 02:38 AM

Re: lsnrctl - password? Will it break anything

There is a real good document on securing the listener at the following URL
http://www.integrigy.com/info/Integrigy_OracleDB_Listener_Security.pdf

(even I did understand it *g*)
yesterday I stood at the edge. Today I'm one step ahead.
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.