Details

As listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing the control configuration information from the network, these control values should be set according to the needs of the organization.

Solution

Use a text editor such as vi to set the SECURE_REGISTER_=TCPS or SECURE_REGISTER_=IPC for each listener found in $ORACLE_HOME/network/admin/listener.ora.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/601

This security hardening control applies to the following category of controls within NIST 800-53: Access Control.This control applies to the following type of system Unix.

References

• 800-53|AC-17(2)
• CSCv6|3.1

Source

• Tenable.com/audits