Re: "NERP" DoS attack possible in Oracle


  • To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
  • Subject: Re: "NERP" DoS attack possible in Oracle
  • From: Joe Miller <joemilerCLARK.NET>
  • Date: Fri, 28 Aug 1998 09:03:20 -0400
  • Comments: To: Adam Maloney <adamiexposure.com>
  • In-Reply-To: <199808271834.OAA23009loas.clark.net>
  • Reply-To: Joe Miller <joemilerCLARK.NET>
  • Sender: Windows NT BugTraq Mailing List <NTBUGTRAQLISTSERV.NTBUGTRAQ.COM>

On Thu, 27 Aug 1998, Adam Maloney wrote:

> A possible workaround would be to change the port that Oracle listens on to
> something random (so that the script kiddies have to hunt for it at least).
> I forget where, but I thought I saw a config file that allows you to specify
> which port.
>

The initialization file for the Oracle Listener is called "Listener.ora",
and can be found in your "\ORANT\NET80\ADMIN".  This file determines the
protocols/ports which Oracle uses to listen for database connections.  If
you are running a database and a web server on the same machine, there is
no need to listen for TCP connections.  I would either use the Oracle
Bequest method or IPC for local connections.  There should be a few lines
in the initialization file something like this:

        (ADDRESS=
          (PROTOCOL= TCP)
          (Host= kilroy)
          (Port= 1526)
        )

You could either change the port listed here or remove the entry
entirely and restart the Oracle Listener if you are not connecting to the
database via TCP to port 1526.  I would remove all protocols/ports not in
use in this file.


Joe Miller
joemilerclark.net
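
An added example, not part of the original post: a small Python check that parses the ADDRESS entries of a listener.ora and reports which ones still listen on TCP, useful for confirming that unused protocols/ports were removed as recommended above. The sample file is constructed, and the IPC entry with its KEY value is an assumption.

```python
import re

# Constructed sample; the IPC entry and its KEY value are assumptions.
SAMPLE = """\
# constructed listener.ora
LISTENER =
  (ADDRESS_LIST =
    (ADDRESS= (PROTOCOL= IPC) (KEY= oracle.world))
    (ADDRESS=
      (PROTOCOL= TCP)
      (Host= kilroy)
      (Port= 1526)
    )
  )
"""

_HEAD = re.compile(r"\(\s*([A-Za-z_]\w*)\s*=\s*")
_ADDR = re.compile(r"\(\s*ADDRESS\s*=", re.IGNORECASE)

def parse_group(text, pos):
    """Parse '(NAME=value)' or '(NAME=(K=V)...)' at pos; return ((name, value), end)."""
    m = _HEAD.match(text, pos)
    if not m:
        raise ValueError(f"expected '(NAME=' at offset {pos}")
    name, pos = m.group(1).upper(), m.end()
    if text[pos:pos + 1] != "(":                      # leaf: plain value
        end = text.find(")", pos)
        if end < 0:
            raise ValueError(f"unterminated value for {name}")
        return (name, text[pos:end].strip()), end + 1
    children = {}
    while text[pos:pos + 1] == "(":                   # nested key/value groups
        (key, val), pos = parse_group(text, pos)
        children[key] = val
        pos += len(text) - pos - len(text[pos:].lstrip())   # skip whitespace
    if text[pos:pos + 1] != ")":
        raise ValueError(f"missing ')' closing {name}")
    return (name, children), pos + 1

def addresses(text):
    """Every ADDRESS entry in the file as a dict; '#' comment lines are ignored."""
    text = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    return [parse_group(text, m.start())[0][1] for m in _ADDR.finditer(text)]

def tcp_listeners(text):
    """(host, port) for each ADDRESS entry that still accepts TCP connections."""
    return [(a.get("HOST"), int(a["PORT"]) if "PORT" in a else None)
            for a in addresses(text)
            if isinstance(a, dict) and str(a.get("PROTOCOL", "")).upper() == "TCP"]
```

Running `tcp_listeners()` over the file before and after editing it shows whether any TCP endpoint remains once the Listener is restarted.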