Oracle 數(shù)據(jù)庫監(jiān)聽的安全管理是比較容易忽略的一個問題，做一個測試
禁用監(jiān)聽的本地驗證功能，設置監(jiān)聽密碼，數(shù)據(jù)庫版本為11.2.0.4

成都創(chuàng)新互聯(lián)公司服務項目包括巴林左旗網(wǎng)站建設、巴林左旗網(wǎng)站制作、巴林左旗網(wǎng)頁制作以及巴林左旗網(wǎng)絡營銷策劃等。多年來，我們專注于互聯(lián)網(wǎng)行業(yè)，利用自身積累的技術優(yōu)勢、行業(yè)經(jīng)驗、深度合作伙伴關系等，向廣大中小型企業(yè)、政府機構等提供互聯(lián)網(wǎng)行業(yè)的解決方案，巴林左旗網(wǎng)站推廣取得了明顯的社會效益與經(jīng)濟效益。目前，我們服務的客戶以成都為中心已經(jīng)輻射到巴林左旗省份的部分城市，未來相信會繼續(xù)擴大服務區(qū)域并繼續(xù)獲得客戶的支持與信任！

1、默認配置listener.ora

LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = roidb01)(PORT = 1521))
)
)
SID_LIST_LISTENER=
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = orcl)
(ORACLE_HOME =/u01/app/oracle/product/11.2.0/dbhome_1)
(SID_NAME = orcl)
)
)
ADR_BASE_LISTENER = /u01/app/oracle

2、添加參數(shù)
LOCAL_OS_AUTHENTICATION_LISTENER = OFF

使用vi 添加以上參數(shù)如下：
LISTENER =
(DESCRIPTION_LIST =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = roidb01)(PORT = 1521))
)
)
SID_LIST_LISTENER=
(SID_LIST =
(SID_DESC =
(GLOBAL_DBNAME = orcl)
(ORACLE_HOME =/u01/app/oracle/product/11.2.0/dbhome_1)
(SID_NAME = orcl)
)
)
ADR_BASE_LISTENER = /u01/app/oracle

LOCAL_OS_AUTHENTICATION_LISTENER = OFF

3、reload 監(jiān)聽
<roidb01:orcl:/home/oracle>$lsnrctl start
<roidb01:orcl:/home/oracle>$lsnrctl reload

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 29-NOV-2018 10:55:16

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
The command completed successfully
<roidb01:orcl:/home/oracle>$ps -ef|grep tns
root 10 2 0 09:11 ? 00:00:00 [netns]
oracle 2809 1 0 10:55 ? 00:00:00 /u01/app/oracle/product/11.2.0/dbhome_1/bin/tnslsnr LISTENER -inherit
oracle 2820 1898 0 10:55 pts/0 00:00:00 grep tns
<roidb01:orcl:/home/oracle>$

4、設置監(jiān)聽密碼
<roidb01:orcl:/home/oracle>$lsnrctl

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 29-NOV-2018 10:55:50

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Welcome to LSNRCTL, type "help" for information.

LSNRCTL> help
The following operations are available
An asterisk (*) denotes a modifier or extended command:

start stop status
services version reload
save_config trace spawn
change_password quit exit
set show

LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
Password changed for LISTENER
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
TNS-01169: The listener has not recognized the password

LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
Saved LISTENER configuration parameters.
Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
Old Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.bak
The command completed successfully
LSNRCTL> status
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))

STATUS of the LISTENER

Alias LISTENER
Version TNSLSNR for Linux: Version 11.2.0.4.0 - Production
Start Date 29-NOV-2018 10:55:01
Uptime 0 days 0 hr. 2 min. 14 sec
Trace Level off
Security ON: Password
SNMP OFF
Listener Parameter File /u01/app/oracle/product/11.2.0/dbhome_1/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/roidb01/listener/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=roidb01)(PORT=1521)))
Services Summary...
Service "ORCL_DGB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orcl" has 2 instance(s).
Instance "orcl", status UNKNOWN, has 1 handler(s) for this service...
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orclXDB" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
LSNRCTL>
5、關閉監(jiān)聽方法
<roidb01:orcl:/home/oracle>$lsnrctl stop

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 29-NOV-2018 10:58:12

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
TNS-01169: The listener has not recognized the password
<roidb01:orcl:/home/oracle>$lsnrctl

LSNRCTL for Linux: Version 11.2.0.4.0 - Production on 29-NOV-2018 10:58:15

Copyright (c) 1991, 2013, Oracle. All rights reserved.

Welcome to LSNRCTL, type "help" for information.

LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> stop
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=roidb01)(PORT=1521)))
The command completed successfully
LSNRCTL>

另外有需要云服務器可以了解下創(chuàng)新互聯(lián)cdcxhl.cn，海內(nèi)外云服務器15元起步，三天無理由+7*72小時售后在線，公司持有idc許可證，提供“云服務器、裸金屬服務器、高防服務器、香港服務器、美國服務器、虛擬主機、免備案服務器”等云主機租用服務以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡單易用、服務可用性高、性價比高”等特點與優(yōu)勢，專為企業(yè)上云打造定制，能夠滿足用戶豐富、多元化的應用場景需求。

分享名稱：數(shù)據(jù)庫安全檢查監(jiān)聽是重點，設置監(jiān)聽密碼-創(chuàng)新互聯(lián)
網(wǎng)站地址：http://www.rwnh.cn/article48/dcishp.html

成都網(wǎng)站建設公司_創(chuàng)新互聯(lián)，為您提供電子商務、做網(wǎng)站、面包屑導航、定制開發(fā)、服務器托管、響應式網(wǎng)站

廣告

聲明：本網(wǎng)站發(fā)布的內(nèi)容（圖片、視頻和文字）以用戶投稿、用戶轉(zhuǎn)載內(nèi)容為主，如果涉及侵權請盡快告知，我們將會在第一時間刪除。文章觀點不代表本網(wǎng)站立場，如需處理請聯(lián)系客服。電話：028-86922220；郵箱：631063699@qq.com。內(nèi)容未經(jīng)允許不得轉(zhuǎn)載，或轉(zhuǎn)載時需注明來源： 創(chuàng)新互聯(lián)