2.1.4 Ensure 'SECURE_REGISTER_' Is Set to 'TCPS' or 'IPC'

Information

The SECURE_REGISTER_<listener_name> setting specifies the protocols used to connect to the TNS listener. Each setting should have a value of either TCPS or IPC based on the needs for its protocol.

Rationale:

Listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing control configuration information from the network.

Solution

To remediate this recommendation:

Use a text editor such as vi to set SECURE_REGISTER_<listener_name> to the required value for each listener found in $ORACLE_HOME/network/admin/listener.ora.

See Also

https://workbench.cisecurity.org/benchmarks/13413

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8, CSCv7|14.4

Plugin: Unix

Control ID: 11d12f02bb16afec19b22e3bcb476034cbe27813a323d8aa6ce25f155e059dd4