Information
The SECURE_REGISTER_<listener_name> setting specifies the protocols used to connect to the TNS listener. Each setting should have a value of either TCPS or IPC based on the needs for its protocol.
Rationale:
Listener configuration changes via unencrypted remote connections can result in unauthorized users sniffing control configuration information from the network.
Solution
To remediate this recommendation:
Use a text editor such as vi to set the SECURE_REGISTER_<listener_name>=TCPS or SECURE_REGISTER_<listener_name>=IPC for each listener found in $ORACLE_HOME/network/admin/listener.ora.
References:
http://docs.oracle.com/database/121/NETRF/listener.htm#NETRF328
https://support.oracle.com/epmos/faces/ui/km/DocumentDisplay.jspx?id=1453883.1
https://support.oracle.com/epmos/faces/ui/km/DocumentDisplay.jspx?id=1340831.1
http://www.joxeankoret.com/download/tnspoison.pdf
Notes:
Oracle Real Application Cluster requires a different approach to fix the TNS Poisoning problem. See Oracle support note 1453883.1 for details.