AppSentry Listener Security Check Tool V.2.2 release

by

In: AppSentry , Enumeration , Vulnerability Scanner

21 December 2006

AppSentry Listener Security Check is a tool to check the security configuration of the Oracle Database Listener and listeners for Oracle Applications 11i.

Four checks are performed :

  • is a password set,
  • is logging enabled,
  • is ADMIN_RESTRICTIONS enabled, and
  • is LOCAL_OS_AUTHENTICATION set for Oracle 10g.

Also, there is a tool to enumerate the databases (SIDs) for a Listener. Lsnrcheck.exe is a stand-alone Windows 2000/XP executable that does not require installation nor any Oracle client software to be installed. It may be run from a USB key or bootable CD-ROM. It is best to save the lsnrcheck.exe file to your desktop or other convenient location for easy access. Click the link below and select ’Save’ or ’Save File’.

Modification History
Version 2.2

  • Added tnsnames.ora security check that checks all the entries in a tnsnames.ora file
  • Added a tool to generate TNS entries and JDBC connect strings from enumerated SIDs

Version 2.1

  • Minor performance improvements

Version 2.0

  • All new tool with many new features and improvements

Download

Post scriptum

Compliance Mandates

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

AppSentry
Enumeration
Vulnerability Scanner