On the Oracle systems that I manage I typically like to add a simple layer of security by changing the port that the listener listens on. Given that I work for an institution that allows the public to connect to its internal network, and since that network has an Oracle Database server on it, I wanted to make it just a little bit harder to find our databases. I recognize that a good hacker will find our Oracle Database servers regardless of the port that they run on. However, by changing the listening port I hope to eliminate the potential for a member of the public bringing in an infected computer that tries to do something malicious to Oracle databases.

To do this you first have to setup your listener to listen on a different port, and then you have to change your tnsnames.ora file to reference the new port. It really is rather simple and I will demonstrate through the steps below. The steps below have been tested on Oracle 10gR2 running on RedHat AS4.
continue reading…