2.1.1 Ensure 'SECURE_CONTROL_' Is Set In 'listener.ora'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

The SECURE_CONTROL_<listener_name> setting determines the type of control connection the Oracle server requires for remote configuration of the listener.

Rationale:

Listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing control configuration information from the network.

Solution

To remediate this recommendation:
Set the SECURE_CONTROL_<listener_name> for each defined listener in the listener.ora file.

See Also

https://workbench.cisecurity.org/files/2868