Secure the Oracle Listener
The Oracle Database Listener is the database server software component that manages the network traffic between the Oracle Database and the client. The Oracle Database Listener listens on a specific network port (default 1521) and forwards network connections to the Database. One of the most misunderstood security issues with the Oracle Database is the security of the Listener. The listener is one of the most critical components to database operations; It is responsible for the ability to have a client/server communication In dedicated mode it is responsible for creating a new process (or thread on Windows) on behalf of the client and setting up the communications On Windows each such server process actually speaks on a new tcpip port and the listener redirects the client to this port On Unix streaming continues on the original port The listener forks a new process The listener then closes its own fd-s; the new process continues to speak on the fd-s ...