没有合适的资源?快使用搜索试试~ 我知道了~
首页Oracle Database Server 'TNS Listener'远程数据投毒漏洞(CVE-2012-1675)的解决文档
安全厂家给出的解决办法: 链接:http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html 根据此链接得到解决方法: ? 1234 SolutionRecommendations for protecting against this vulnerability can be found at:My Oracle Support Note 1340831.1 for Oracle Database deployments that use Oracle Real Application Clusters (RAC).My Oracle Support Note 1453883.1 for Oracle Database deployments that do not use RAC. 目前这里环境不是RAC,参考文档1453883.1: Using Class of Secure Transport (COST) to Restrict Instance Registration (
资源详情
资源评论
资源推荐
2018/5/2 文档 1453883.1
https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=344058498322677&id=1453883.1&_afrWindowMode=0&_adf.ctrl-state=8uxcrggjt_1306 1/7
PowerView 已关闭
(0)
家鹏 (可用)
与我们联系 帮助
In t hi s Do c u me n t
Goal
Solution
References
APPLIES TO:
Oracle Net Services - Version 10.2.0.3 to 12.1.0.2 [Release 10.2 to 12.1]
Oracle Database - Enterprise Edition - Version 10.2.0.3 to 12.1.0.2 [Release 10.2 to 12.1]
Oracle Database - Standard Edition - Version 10.2.0.3 to 12.1.0.2 [Release 10.2 to 12.1]
Information in this document applies to any platform.
GOAL
To demonstrate how the COST parameter "SECURE_REGISTER_listener_name =" is used to restrict instance
registration with database listeners. With this COST restriction in place only local instances will be
allowed to register. These instructions can be used to address the issues published in Oracle Security
Alert CVE-2012-1675 by using COST to restrict connections to only local instances.
Ab o u t C O ST
The class of secure transports (COST) parameters specify a list of transports that are considered secure
for administration and registration of a particular listener. The COST parameters identify which
transports are considered secure for that installation and whether the administration of a listener
requires secure transports. COST will not affect client connections utilizing other protocols. For more
details and for information about other available COST parameters please see the 11.2 Network
Administrators Guide and Network Reference.
Ab o u t t h e I P C P r ot o c ol
IPC protocol support is similar to BEQ protocol support in that it can only be used when the client
program and the Oracle server are installed on the same system. IPC protocol support differs from BEQ
protocol support in that it can be used with Oracle Shared Server configurations. IPC protocol support
requires a listener for its operation. For more information about IPC please see Doc ID 29232.1 "IPC
Explained".
Or a c le v er s i on s th a t s u p po r t C O S T
Although not documented in the Oracle 10g Network Administration Guides COST parameters and functionality
are supported as of 10.2.0.3.
Starting with Oracle Database Version 11.2.0.4 and Oracle Database 12c (12.1.0.1), the screening of
service registration requests from database instances is performed using the Oracle Listener inherent
"Valid Node Checking for Registration" feature. Oracle recommends using the "VNCR" feature in 11.2.0.4
and 12c as an alternative to COST if the implementation is only to regulate database service
registration requests with Listeners. If COST parameters are needed for Oracle Database 11.2.0.4 or
12c for other or for additional reasons, then they should be used as intended.
For more information information about "Valid Node Checking for Registration" in 11.2.0.4 and 12c
please reference the following links:
Oracle Net 12c: Valid Node Checking For Registration (VNCR) (Doc ID 1600630.1)
Oracle® Database Net Services Reference
12c Release 1 (12.1)
New features overview
Oracle® Clusterware Administration and Deployment Guide
12c Release 1 (12.1)
SCAN Listeners and Service Registration Restriction With Valid Node Checking
SOLUTION
There are two methods that can be used to protect the listener using COST
"SECURE_REGISTER_listener_name =" in stand alone database installations.
此文档是否有帮助?
文档详细信息
类型:
状态:
上次主更
新:
上次更新:
语言:
HOWTO
PUBLISHED
2015-2-18
2017-12-15
English
相关产品
Oracle Database -
Enterprise Edition
Oracle Database -
Standard Edition
Oracle Net Services
信息中心
Information Center:
Overview Database
Server/Client
Installation and
Upgrade/Migration
[1351022.2]
Index of Oracle Database
Information Centers
[1568043.2]
インフォメーション・セン
ター: データベースおよび
Enterprise Manager 日本語
ドキュメント [1946305.2]
Information Center:
Overview of Database
Security Products
[1548952.2]
Oracle Database 11g
Release 2 Information
Center [1436725.2]
文档引用
IPC Explained [29232.1]
Valid Node Checking For
Registration (VNCR)
[1600630.1]
Force Connections to a
Specific Database Service
When two Identical
Services are Registered
to CMAN [1455068.1]
Using Class of Secure
Transport (COST) to
Restrict Instance
Registration in Oracle
RAC [1340831.1]
最近查看
Copyright (c) 2018, Oracle. All rights reserved.
Using Class of Secure Transport (COST) to Restrict Instance Registration (文档 ID 1453883.1)
转到底部
是
否
Using Class of Secure
Transport (COST) to
Restrict Instance
Registration in Oracle
RAC [1340831.1]
Release Schedule of
Current Database
Releases [742060.1]
面板 服务请求 补丁程序和更新程序 社区 认证 系统 收集器知识
提供反馈...
Patches & Updates >
herry1689
- 粉丝: 9
- 资源: 17
上传资源 快速赚钱
- 我的内容管理 收起
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
会员权益专享
最新资源
- RTL8188FU-Linux-v5.7.4.2-36687.20200602.tar(20765).gz
- c++校园超市商品信息管理系统课程设计说明书(含源代码) (2).pdf
- 建筑供配电系统相关课件.pptx
- 企业管理规章制度及管理模式.doc
- vb打开摄像头.doc
- 云计算-可信计算中认证协议改进方案.pdf
- [详细完整版]单片机编程4.ppt
- c语言常用算法.pdf
- c++经典程序代码大全.pdf
- 单片机数字时钟资料.doc
- 11项目管理前沿1.0.pptx
- 基于ssm的“魅力”繁峙宣传网站的设计与实现论文.doc
- 智慧交通综合解决方案.pptx
- 建筑防潮设计-PowerPointPresentati.pptx
- SPC统计过程控制程序.pptx
- SPC统计方法基础知识.pptx
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论2