Details

As listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing the control configuration information from the network, these control values should be set according to the needs of the organization.

NOTE: ORACLE_HOME should be set to the appropriate directory based on the specifications of the organization.

Solution

Set the SECURE_CONTROL_ for each defined listener in the listener.ora file, according to the needs of the organization.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/601

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Windows.

References

• 800-53|AC-17(2)

Source

• Tenable.com/audits