2.2.5 Ensure 'REMOTE_LISTENER' Is Empty

Information

The remote_listener setting determines whether or not a valid listener can be established on a system separate from the database instance. This setting should be empty unless the organization specifically needs a valid listener on a separate system or on nodes running Oracle RAC instances.

Permitting a remote listener for connections to the database instance can allow for the potential spoofing of connections and that could compromise data confidentiality and integrity.

Solution

To remediate this setting, execute the following SQL statement.

ALTER SYSTEM SET REMOTE_LISTENER = '' SCOPE = SPFILE;

See Also

https://workbench.cisecurity.org/benchmarks/11760

Item Details

Category: SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|CA-9, 800-53|SC-7, 800-53|SC-7(5), CSCv7|9.2

Plugin: OracleDB

Control ID: 1a08fdf2f14688d841fa5799be7ace0188f4768285b05c1b66ab13848e634255