如何绕过oracle listener 监听的密码设置,oraclelistener
如何绕过oracle 监听的密码设置:
1.找到监听进程pid ,并将它kill 掉
ps -ef|grep tns
[oracle@lixora admin]$ ps -ef|grep tns
root 9 2 0 Jul11 ? 00:00:00 [netns]
oracle 29668 1 0 10:12 ? 00:00:00 /oracle/bin/tnslsnr LISTENER -inherit
oracle 29677 29487 0 10:15 pts/1 00:00:00 grep tns
kill -9 pid
kill -9 29668
2.然后替换掉原来的listener.ora 文件
3.然后启动监听
很多人都知道,Oracle的监听器一直存在着一个安全隐患,假如不设置安全措施,那么能够访问的用户就可以远程关闭监听器。
相关示例:
D:\>lsnrctl stop eygle
LSNRCTL for 32-bit Windows: Version 10.2.0.3.0 - Production on 28-11月-2007 10:02:40
Copyright (c) 1991, 2006, Oracle. All rights reserved.
正在连接到 (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=172.16.33.11)(PORT=1521))
(CONNECT_DATA=(SERVICE_NAME=eygle)))
命令执行成功
大家可以发现,此时缺省的监听器的日志还无法记录操作地址:
No longer listening on: (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=172.16.33.11)(PORT=1521)))
28-NOV-2007 09:59:20 * (CONNECT_DATA=(CID=(PROGRAM=)(HOST=)(USER=Administrator))(COMMAND=stop)
(ARGUMENTS=64)(SERVICE=eygle)(VERSION=169870080)) * stop * 0
为了更好的保证监听器的安全,大家最好为监听设置密码:
[oracle@jumper log]$ lsnrctl
LSNRCTL for Linux: Version 9.2.0.4.0 - Production on 28-NOV-2007 10:18:17
Copyright (c) 1991, 2002, Oracle Corporation. All rights reserved.
Welcome to LSNRCTL, type "help" for information.
LSNRCTL> set current_listener listener
Current Listener is listener
LSNRCTL> change_password
Old password:
New password:
Reenter new password:
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=172.16.33.11)(PORT=1521)))
Password changed for listener
The command completed successfully
LSNRCTL> set password
Password:
The command completed successfully
LSNRCTL> save_config
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=172.16.33.11)(PORT=1521)))
Saved LISTENER configuration parameters.
Listener Parameter File /opt/oracle/product/9.2.0/networ......余下全文>>
DEMO =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = 172.22.12.33)(PORT = 1521))
)
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = demo)
)
)
中的SERVICE_NAME 改成跟监听里面的SID一样,即SERVICE_NAME = ORCL;
如果不行的话,tnsping一下看下什么结果。