Securing the Oracle Listener

The Oracle Database Listener is the database server software component that manages the network traffic between the Oracle Database and the client. The Oracle Database Listener listens on a specific network port (default 1521) and forwards network connections to the Database.

The listener is one of the most critical components to database operations;

• It is responsible for the ability to have a client/server communication
• In dedicated mode it is responsible for creating a new process (or thread on Windows) on behalf of the client and setting up the communications
• On Windows each such server process actually speaks on a new tcpip port and the listener redirects the client to this port
• On Unix streaming continues on the original port
  • The listener forks a new process
  • The listener then closes its own fd-s; the new process continues to speak on the fd-s

In MTS the listener is responsible to assign and set up the connection with the least loaded dispatcher. The dispatchers get requests from the client and place them on the request queues for the shared server processes, and read responses from the response queues to send to the client

How to set listener password

Set the Listener password to stop most attacks and security issues. Setting the password manually in listener.ora using the PASSWORDS_ parameter will result in the password being stored in cleartext.


LSNRCTL> set current_listener
LSNRCTL> change_password Old password:

New password:
Reenter new password:

LSNRCTL> set password Password:
LSNRCTL> save_config