Changing the default port and name of the Listener is a recommended security measure. Many attacks on database systems target default ports, such as 1521 (the default Oracle Listener port). Changing the Listener's port and name can provide an additional layer of security to protect your database from unauthorized access and threats.
In this article, we will explain how to change the name and port number of the Listener in Oracle 19c using the srvctl
tool. In this example, the default Listener port is changed from 1521 to 7654.
Prerequisites
- Access to the Oracle user with sufficient privileges to run
srvctl
commands. - Installation of Oracle Grid Infrastructure or Oracle Restart.
Steps
1. Display Current Listener Configuration
To view the current Listener settings, run the following command:
srvctl config listener
The output will be similar to:
Name: LISTENER
Type: Database Listener
Home: /u01/app/19.22/grid
End points: TCP:1521
Listener is enabled.
This output shows that the Listener named LISTENER
is active on port 1521.
2. Stop and Remove the Current Listener
To change the name and port of the Listener, you must first stop and remove the current Listener:
srvctl stop listener -listener LISTENER
srvctl remove listener -listener LISTENER
3. Create a New Listener with a New Name and Port
After removing the previous Listener, you can create a new Listener with the desired name and port. In this example, the new name is lsnr
and the port is 7654:
srvctl add listener -listener lsnr -endpoints TCP:7654
srvctl start listener -listener lsnr
4. Verify the New Listener Configuration
To ensure the new Listener has been created with the correct settings, run the srvctl config listener
command again:
srvctl config listener
The output should be similar to:
Name: LSNR
Type: Database Listener
Home: /u01/app/19.22/grid
End points: TCP:7654
Listener is enabled.
The output should be similar to:
Name: LSNR
Type: Database Listener
Home: /u01/app/19.22/grid
End points: TCP:7654
Listener is enabled.
5. Check the Status of the New Listener
To check the status of the new Listener and ensure it is working correctly, use the lsnrctl
command:
lsnrctl status lsnr
6. Change the Local Listener Port in the Database
After changing the Listener's port, you must ensure that the database can register itself on the new port. This is done by setting the LOCAL_LISTENER
parameter. To do this, enter the SQL*Plus environment and run the following commands:
sqlplus / as sysdba
SQL> ALTER SYSTEM SET LOCAL_LISTENER='(ADDRESS=(PROTOCOL=TCP)(HOST=localhost)(PORT=7654))' SCOPE=BOTH;
SQL> ALTER SYSTEM REGISTER;
If a name is currently specified for LOCAL_LISTENER
, edit the corresponding entry in tnsnames.ora
.
7. Test Connectivity to the Listener
To verify the correct operation of the new Listener, you can use the following command:
lsnrctl status LSNR
Sample output:
LSNRCTL for Linux: Version 19.0.0.0.0 - Production on 01-SEP-2024 16:23:28
Copyright (c) 1991, 2023, Oracle. All rights reserved.
Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=LSNR)))
STATUS of the LISTENER
------------------------
Alias LSNR
Version TNSLSNR for Linux: Version 19.0.0.0.0 - Production
Start Date 01-SEP-2024 16:18:55
Uptime 0 days 0 hr. 4 min. 33 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File /u01/app/19.22/grid/network/admin/listener.ora
Listener Log File /u01/app/oracle/diag/tnslsnr/vahiddb1922/lsnr/alert/log.xml
Listening Endpoints Summary...
(DESCRIPTION=(ADDRESS=(PROTOCOL=ipc)(KEY=LSNR)))
(DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.56.36)(PORT=7654)))
Services Summary...
Service ".vahidnow.lab" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
Service "orcl.vahidnow.lab" has 1 instance(s).
Instance "orcl", status READY, has 1 handler(s) for this service...
The command completed successfully
If all settings are correct, connectivity to the new Listener on port 7654 should be successful.
Conclusion
By following the steps above, you have successfully changed the Listener name and port using srvctl
in Oracle 19c and ensured that the database registers correctly with the new Listener. This approach is not only beneficial for performance and maintenance but also recommended from a security perspective to reduce risks associated with unauthorized access and attacks targeting default ports.