In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-04-02 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Database >
Share
Shulou(Shulou.com)06/01 Report--
The security management of Oracle database snooping is easy to ignore. Do a test.
Disable the local authentication function of monitoring, set the listening password, and the database version is 11.2.0.4.
1. Default configuration listener.ora
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP) (HOST = roidb01) (PORT = 1521))
)
)
SID_LIST_LISTENER=
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = orcl)
(ORACLE_HOME = / u01/app/oracle/product/11.2.0/dbhome_1)
(SID_NAME = orcl)
)
)
ADR_BASE_LISTENER = / u01/app/oracle
2. Add parameters
LOCAL_OS_AUTHENTICATION_LISTENER = OFF
Use vi to add the above parameters as follows:
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP) (HOST = roidb01) (PORT = 1521))
)
)
SID_LIST_LISTENER=
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = orcl)
(ORACLE_HOME = / u01/app/oracle/product/11.2.0/dbhome_1)
(SID_NAME = orcl)
)
)
ADR_BASE_LISTENER = / u01/app/oracle
LOCAL_OS_AUTHENTICATION_LISTENER = OFF
3. Reload snooping
$lsnrctl start
$lsnrctl reload
LSNRCTL for Linux: Version 11.2.0.4.0-Production on 29-NOV-2018 10:55:16
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
The command completed successfully
$ps-ef | grep tns
Root 10 2 0 09:11? 00:00:00 [netns]
Oracle 2809 10 10:55? 00:00:00 / u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr LISTENER-inherit
Oracle 2820 1898 0 10:55 pts/0 00:00:00 grep tns
$
4. Set the listening password
$lsnrctl
LSNRCTL for Linux: Version 11.2.0.4.0-Production on 29-NOV-2018 10:55:50
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL > help
The following operations are available
An asterisk (*) denotes a modifier or extended command:
Start stop status
Services version reload
Save_config trace spawn
Change_password quit exit
Set show
LSNRCTL > change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
Password changed for LISTENER
The command completed successfully
LSNRCTL > save_config
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
TNS-01169: The listener has not recognized the password
LSNRCTL > set password
Password:
The command completed successfully
LSNRCTL > save_config
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
Saved LISTENER configuration parameters.
Listener Parameter File / u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
Old Parameter File / u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.bak
The command completed successfully
LSNRCTL > status
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
STATUS of the LISTENER
Alias LISTENER
Version TNSLSNR for Linux: Version 11.2.0.4.0-Production
Start Date 29-NOV-2018 10:55:01
Uptime 0 days 0 hr. 2 min. 14 sec
Trace Level off
Security ON: Password
SNMP OFF
Listener Parameter File / u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
Listener Log File / u01/app/oracle/diag/tnslsnr/roidb01/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION= (ADDRESS= (PROTOCOL=tcp) (HOST=roidb01) (PORT=1521))
Services Summary...
Service "ORCL_DGB" has 1 instance (s).
Instance "orcl", status READY, has 1 handler (s) for this service...
Service "orcl" has 2 instance (s).
Instance "orcl", status UNKNOWN, has 1 handler (s) for this service...
Instance "orcl", status READY, has 1 handler (s) for this service...
Service "orclXDB" has 1 instance (s).
Instance "orcl", status READY, has 1 handler (s) for this service...
The command completed successfully
LSNRCTL >
5. Turn off the monitoring method
$lsnrctl stop
LSNRCTL for Linux: Version 11.2.0.4.0-Production on 29-NOV-2018 10:58:12
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
TNS-01169: The listener has not recognized the password
$lsnrctl
LSNRCTL for Linux: Version 11.2.0.4.0-Production on 29-NOV-2018 10:58:15
Copyright (c) 1991, 2013, Oracle. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL > set password
Password:
The command completed successfully
LSNRCTL > stop
Connecting to (DESCRIPTION= (ADDRESS= (PROTOCOL=TCP) (HOST=roidb01) (PORT=1521)
The command completed successfully
LSNRCTL >
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.
12
Report
