Details

The SECURE_REGISTER_ setting specifies the protocols used to connect to the TNS listener. Each setting should have a value of either TCPS or IPC based on the needs for its protocol.

Rationale:

Listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing control configuration information from the network.

Solution

To remediate this recommendation:
Use a text editor such as vi to set the SECURE_REGISTER_=TCPS or SECURE_REGISTER_=IPC for each listener found in $ORACLE_HOME/network/admin/listener.ora.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/2868

This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.

References

• 800-53|SC-8
• CSCv6|14.2
• CSCv7|14.4

Source

• Tenable.com/audits