One day, you find that port 5500 is on the list of findings from this season's vulnerability scan. The listener uses this port to accept incoming connections to EM Express. The best way to avoid the finding completely is to turn off EM Express.
Vulnerability Insight
The TLSv1.0 and TLSv1.1 protocols contain known cryptographic flaws like:
- CVE-2011-3389: Browser Exploit Against SSL/TLS (BEAST)
- CVE-2015-0204: Factoring Attack on RSA-EXPORT Keys Padding Oracle On Downgraded Legacy Encryption (FREAK)
Disable EM Express
First of all, we check the current port of Enterprise Manager Express (EM Express) like this:
SQL> select dbms_xdb_config.getHttpsPort() port_number from dual;
PORT_NUMBER
-----------
5500
As we can see, the port of EM Express is open. To disable EM Express, we set the port value to zero.
For secure HTTP (HTTPS) connections:
SQL> exec dbms_xdb_config.sethttpsport(0);
For normal HTTP connections:
SQL> exec dbms_xdb_config.sethttpport(0);
We turned it off.
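To confirm the change rather than assume it, the two steps above can be combined into one re-runnable check. This PL/SQL block is an added example, not part of the original post; it assumes a SQL*Plus session with privileges to execute DBMS_XDB_CONFIG, and the error number -20001 is an arbitrary choice.

```sql
-- Added example: disable both EM Express ports and verify the result.
-- Assumes SQL*Plus and a user allowed to execute DBMS_XDB_CONFIG.
SET SERVEROUTPUT ON

DECLARE
  l_https NUMBER;
  l_http  NUMBER;
BEGIN
  -- Read the current configuration; treat an unset port as 0 (disabled).
  l_https := NVL(dbms_xdb_config.gethttpsport(), 0);
  l_http  := NVL(dbms_xdb_config.gethttpport(), 0);
  dbms_output.put_line('Before: HTTPS=' || l_https || ' HTTP=' || l_http);

  -- Only touch a port that is actually enabled, so a re-run changes nothing.
  IF l_https <> 0 THEN
    dbms_xdb_config.sethttpsport(0);
  END IF;
  IF l_http <> 0 THEN
    dbms_xdb_config.sethttpport(0);
  END IF;

  -- Read the values back instead of trusting the calls above.
  l_https := NVL(dbms_xdb_config.gethttpsport(), 0);
  l_http  := NVL(dbms_xdb_config.gethttpport(), 0);
  dbms_output.put_line('After:  HTTPS=' || l_https || ' HTTP=' || l_http);

  -- Fail loudly if either port is still configured.
  IF l_https <> 0 OR l_http <> 0 THEN
    raise_application_error(-20001, 'EM Express port is still configured');
  END IF;
END;
/
```

Afterwards, lsnrctl status should no longer list an endpoint on port 5500, and a rescan of the host should clear the finding.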
Thanks for your post! Explanation was straightforward and helpful!
You’re welcome and thanks for your appreciation.