Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-16031 | DO6746-ORACLE10 | SV-24951r1_rule | DCFA-1 | Low |
Description |
---|
The use of IP address in place of host names helps to protect against malicious corruption or spoofing of host names. Use of static IP addresses is considered more stable and reliable than use of hostnames or Fully Qualified Domain Names (FQDN). |
STIG | Date |
---|---|
Oracle 10 Database Installation STIG | 2014-01-14 |
Check Text ( C-29490r1_chk ) |
---|
If a listener is not running on the local database host server, this check is Not a Finding. Review all listener.ora files for the HOST =. Verify the HOST = value specifies an IP address for all occurrences of the HOST = setting. Sample: (ADDRESS= (PROTOCOL=TCP) (HOST= [host IP address]) (PORT=1521)) If any addresses specify a host name in place of an IP or other network address, this is a Finding. NOTE: If a host name is used, ensure it can be locally resolved to an IP address on the DBMS system using a host table, however, if a hostname is used, it is still a Finding. |
Fix Text (F-26558r1_fix) |
---|
Edit the listener.ora file and replace any HOST= [hostname or domain name] to use static IP addresses for the host. The listener.ora file is by default located in the ORACLE_HOME/network/admin directory or the directory specified in the TNS_ADMIN environment variable for the listener service or process owner account. |