Hi Oracle 9ir2 default install comes with two additional ports (8080 and 2100) from the OSE integrated stack in the database. These are a security risk if you do not actually need them and control them as anyone with a browser can attempt to break into your database. You can see them with "lsnrctl status" command or via enterprise manager.
The best way to get rid of them is to alter the init.ora file and remove the line that reads dispatcher=(PROTOCOL=TCP) (SERVICE=orat92XDB) If you use spfile then copy to init.ora first, stop and start db with init.ora and copy back to spfile. eg: Create pfile='/path/initSID.ora' from Spfile='/path/spfileSID.ora'; Change initSID.ora Delete old spfile Create spfile='/path/spfileSID.ora' from Pfile='/path/initSID.ora'; Also Roby Sherman has a paper on xdb port nightmares with some other solutions to removing these ports and changing the port numbers a link to it is here http://www.petefinnigan.com/orasec.htm it is at the end of the page. hth kind regards Pete -- Pete Finnigan email:[EMAIL PROTECTED] Web site: http://www.petefinnigan.com - Oracle security audit specialists Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Pete Finnigan INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
