This content has been marked as final. Show 7 replies
1) For standalone instances, will the following setting in listener.ora file and restarting listener addresses this vulnerability? Or is there any thing else we need to do? We want to avoid any patches now and see if we can resolve this quickly.
DYNAMIC_REGISTRATION_LISTENER = off
A: No you need to add another setting : ( (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER)) )
Plus for each database
LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = your hostname)(PORT = 1521)) (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER)) (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1521)) ) )
alter system set local_listener='(DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=REGISTER)))' scope = both;
stop and start the listener
Read note 1453883.1
Oracle 9 - No idea
2) If we dont configure "remote_listener", is it applicable for us?
A: Yes you should still fix your listener.ora
3) For RAC instances, I can follow the steps mentioned in
Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC [ID 1340831.1]
Aman - Great memory!