Порт 1521 для чего

Поиск TCP/UDP Портов

TCP-порт 1521 использует протокол управления передачей данных (TCP), который является одним из основных протоколов в сетях TCP/IP. TCP является протоколом с установлением соединения и требует квитирования для установки сквозной связи. Только после установления соединения пользовательские данные могут пересылаться в обоих направлениях.
Внимание! TCP гарантирует доставку пакетов данных через порт 1521 в том же порядке, в котором они были отправлены. Гарантированная связь через TCP-порт 1521 является основным отличием TCP от UDP.

Предоставляемые через UDP-порт 1521 UDP услуги не отличаются надежностью, так как датаграммы могут быть получены в сдублированном виде, с нарушенной очередностью или даже могут пропасть без какого-либо предупреждения. UDP на порт 1521 проверка и исправление ошибок не являются обязательными или должны выполняться в прикладной программе, что позволяет избежать накладных расходов на такую обработку на уровне сетевого интерфейса.
UDP (User Datagram Protocol) является минимальным ориентированным на работу с сообщениями протоколом транспортного уровня (протокол описан в IETF RFC 768). Примеры прикладных программ, часто использующих UDP: передача голоса по IP-протоколу (VoIP), передача мультимедийных потоков и многопользовательские игры в режиме реального времени. Множество веб-приложений используют UDP, к примеру, система доменных имен (DNS), информационный протокол маршрутизации (RIP), протокол динамической конфигурации хостов (DHCP), простой протокол управления сетью (SNMP).
TCP против UDP – TCP: надежный, упорядоченный, тяжеловесный, потоковый; UDP – ненадежный, неупорядоченный, легковесный, датаграммы.

4 Managing Network Connections

This section explains how to manage net work connections to the database. It includes the following topics:

About Network Connections and the Oracle Net Listener
Viewing Listener Status
Stopping and Starting the Listener
Changing Listener Port Numbers
Enabling Remote HTTP Connection to the Database

About Network Connecti ons and the Oracle Net Listener

Oracle Database Express Edition (Oracle Database XE) supports connections from client applications both remotely over the network and locally. Remote client applications and the database communicate through Orac le Net, which is a software layer that resides both on the remote computer and on the Oracle Database XE host computer. Oracle Net establishes the connection between the client application and the database, and exchanges messages between them using TCP/IP. Oracle Net is automatically installed when you install Oracle Database XE and Oracle Database Express Edition Client.

Included with Oracle Net in an Oracle Database XE installation is the Oracle Ne t listener , commonly known as the listener. It is the host process that listens on specific TCP/IP ports for connection requests. When the listener receives a valid connection request from a client application, it routes the connection request to the database. The client application and the database then communicate directly.

Table 4-1 lists the types of connection requests that the listener handles.

Table 4-1 Types of Connection Requests Han dled by the Listener

Database connections using Oracle Net over TCP/IP. Examples include:

Remote connection from SQL Command Line.
Remote connection from a Java application that connects with JDBC.

Database conn ections using the HTTP protocol. Examples include:

Accessing the Database Home Page, locally or remotely. See «Accessing the Database Home Page» for more information.
Accessing the Oracle XML DB repository. Oracle XML DB is the Oracle Database XE feature that provides high-performance, native XML storage and retrieval. Through the Oracle XML DB repository, you can access XML data with the HTTP and WebDAV (Web folder) protocols. See Oracle XML DB Developer’s Guide for more information.

The listener can also handle FTP c onnection requests for the Oracle XML DB repository. For security reasons, FTP requests are disabled when you install Oracle Database XE. See Oracle XML DB Developer’s Guide for more information.

You can disable certain types of connection requests by manually stopping the listener, and reenable them by restarting the listener. (The listener is automatically started when you install Oracle Database XE and when you restart the Oracle Database XE host computer.)

Table 4-2 indicates the types of connections that require the listener to be started.

Table 4-2 Connections That Require the Listener

As the table shows, stopping the listener disables all connection requests except local database connection requests.

Configuring the Listener

You can change the ports that the listener listens on, both for database and HTTP connection requests, either during the Oracle Database XE installation process, or at a later time after installation. See «Changing Listener Port Numbers» for details on changing port numbers after installation.

The Windows installation process prompts for the port number for HTTP requests only if the defa ult port number, 8080, is already in use. The Linux configuration script always prompts for HTTP port n umber.

Remote HTTP Connections Initially Disabled

As a security measure, remote HTTP connection requests are initially disabled. This means that remote users cannot use the the Oracle Database XE graphical user interface until you enable remote HTTP connections. See «Enabling Remote HTTP Connection to the Database» for instructions.

«Stopping and Starting the Listener»
«Changing Listener Port Numbers»
«Connecting to the Database»
«Viewing Listener Status»

Viewing Listener Status

You vie w listener status to determine if the listener is started and to check listener properties (such as the TCP/IP port numbers that the listener is listening on). You do so with the Listener Con trol ( lsnrctl) utility.

To view listener status:

Do one of the following:
- On Linux: Start a terminal session and log in to the Oracle Database XE host computer with the oracle user account.
- On Windows: Log in to the Oracle Database XE host computer as the user who installed Oracle Database XE, and then open a command window.
On Linux, ensure that environm ent variables are set according to the instructions in «Setting Environment Variables on the Linux Platform».
Enter the following command:

LSNRCTL STATUS

If the listener is not started, the command displays the following error messages:

TNS-12541: TNS:no listener TNS-12560: TNS:protocol adapter error TNS-00511: No listener

If the listener is started, the command displays a report that looks something like this:

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1521))) STATUS of the LISTENER ------------------------ Alias LISTENER Version TNSLSNR for Linux: Version 10.2.0.1.0 - Production Start Date 10-DEC-2005 19:06:12 Uptime 2 days 3 hr. 39 min. 32 sec Trace Level off Security ON: Local OS Authentication SNMP OFF Default Service XE Listener Parameter File /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/admin/listener.ora Listener Log File /usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/log/listener.log Listening Endpoints Summary. (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=myhost.mydomain.com)(PORT=1521))) (DESCRIPTION=(ADDRESS=(PROTOCOL=tcp)(HOST=myhost.mydomain.com)(PORT=8080))(Presentation=HTTP) (Session=RAW)) Services Summary. Service "PLSExtProc" has 1 instance(s). Instance "PLSExtProc", status UNKNOWN, has 1 handler(s) for this service. Service "XE" has 1 instance(s). Instance "XE", status READY, has 1 handler(s) for this service. Service "XEXDB" has 1 instance(s). Instance "XE", status READY, has 1 handler(s) for this service. Service "XE_XPT" has 1 instance(s). Instance "XE", status READY, has 1 handler(s) for this service. The command completed successfully

In the preceding report, the bold text indicates particulars to look for. Their meanings are as follows:

(PORT=1521) The listener is listening for database connections through Oracle Net on port 1521.
(PORT=8080))(Presentation=HTTP) The listener is listening for database connections through HTTP on port 8080.
Service «XE» has 1 instance(s) and Instance «XE», status READY Oracle Database XE is properly registered with the listener and is ready to accept connections.

Stopping and Starting the Listener

The listener is configured to start automatically when you install Oracle Database Express Edition (Oracle Database XE), and whenever the computer running Oracle Database XE is restarted. The following are reasons why you may want to stop and restart the listener:

To recover from system errors
To temporarily block remote connection requests You stop the listener to disable remote connection requests, and restart the listener to enable them.
To change the TCP port number that the listener listens on See «Changing Listener Port Numbers» for more information.

Stopping the Listener

To st op the listener:

Do one of the following:
- On Linux: Start a terminal session and log in to the Oracle Database XE host computer with the oracle user account.
- On Windows: Log in to the Oracle Database XE host computer as the user who installed Oracle Database XE, and then open a command window.
On Linux, ensure that environment variables are set according to the instructions in «Setting Environment Variables on the Linux Platform».
Enter the following command:

LSNRCTL STOP

The command displays the following output if successful. On Linux:

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=myhost)(PORT=1521))) The command completed successfully

On Windows:

Connecting to (DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC1))) The command completed successfully

Starting the Listener

To st art the listener:

Do one of the following:
- On Linux: Start a terminal session and log in to the Oracle Database XE host computer with the oracle user account.
- On Windows: Log in to the Oracle Database XE host computer as the user who installed Oracle Database XE, and then open a command window.
On Linux, ensure that environment variables are set according to the instructions in «Setting Environment Variables on the Linux Platform».
Enter the following command:

LSNRCTL START

If you stop and then start the listener while the database is running, it may take a minute or so for the database to reregister with the listener and to begin accepting connections. To determine if the database is ready to accept connections, run the lsnrctl status command repeatedly until you see the following lines in the report:

Service "XE" has 1 instance(s). Instance "XE", status READY, has 1 handler(s) for this service.

Changing Liste ner Port Numbers

You would need to change a default listener port number only if there were a port number conflict with another TCP/IP service. You are given the opportunity to change listener port numbers during installation (Windows) or configuration (Linux). This section explains how to change port numbers after installation or configuration. It contains the following topics:

«Changing the Listener Port Number for Database Connection Requests»
«Changing the Listener Port Number for HTTP Connection Requests»

Changing the Listener Port N umber for Database Connection Requests

If you change the listener port number for database connection requests, you must ensure that all future database connection requests use the new port number. This means that connection requests such as those discussed in «Connecting Remotely with SQL Command Line» must explicitly include the port number.

For example, if you change the port number for database connection requests to 1522, subsequent SQL Command Line (SQL*Plus) connect statements must be similar to the following (assuming a connection from Oracle Database Express Edition Client):

connect system/mypassword@myhost.mydomain.com:1522

Example: Changing Listener Port Number for Database Connection Requests

Assume that your Oracle Database XE host computer is named myhost.mydomain.com and that you want to install a new software package on this computer that requires TCP port number 1521. Assume also that the port number for that software package cannot be configured, and that you must therefore resolve the port number conflict by reconfiguring Oracle Database XE. You decide to change the listener port number for database connection requests to 1522.

To change the listener port number for database connection requests to 1522:

Stop the listener. See «Stopping and Starting the Listener» for instructions.
Open the fil e listener.ora with a text editor. Table 4-3 shows the location of this file on each platform.

Table 4-3 Location of the listener.ora File

Platform	Location
Linux	/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/network/admin/
Windows	c:\oraclexe\app\oracle\product\10.2.0\server\NETWORK\ADMIN\

LISTENER = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC1)) (ADDRESS = (PROTOCOL = TCP)(HOST = myhost)(PORT = 1521)) ) )

ALTER SYSTEM SET LOCAL_LISTENER = "(ADDRESS=(PROTOCOL=TCP)(HOST=myhost.mydomain.com)(PORT=1522))"; ALTER SYSTEM REGISTER;

Service "XE" has 1 instance(s). Instance "XE", status READY, has 1 handler(s) for this service.

Changing the Listener Po rt Number for HTTP Connection Requests

If you change the listener port number for HTTP connection requests, you must ensure that all future HTTP connection requests use the new port number.

For example, if you change the listener port number for HTTP requests to 8087, you must use the following URL to access the Database Home Page locally:

http://127.0.0.1:8087/apex

When you change the listener port number for HTTP, the Go To Database Home Page menu item on the desktop can no longer open the Database Home Page. The following procedure contains an optional step that explains how to modify this menu item to function with the new port number.

To change the listener port number for HTTP connection requests:

Do one of the following:
- On Linux: Start a terminal session and log in to the Oracle Database XE host computer with the oracle user account.
- On Windows: Log in to the Oracle Database XE host computer as the user who installed Oracle Database XE, and then open a command window.
On Linux, ensure that environment variables are set according to the instructions in «Setting Environment Variables on the Linux Platform».
Ensure that the listener is started. See «Viewing Listener Status» and «Stopping and Starting the Listener» for instructions.
Enter the following command at the operating system prompt to start SQL Command Line:

SQLPLUS /NOLOG

CONNECT SYSTEM/password

EXEC DBMS_XDB.SETHTTPPORT(nnnn);

where nnnn represents the new port number to use for HTTP connection requests. Be certain that you select a port number that is not already in use. For example, to use port number 8087 for HTTP connection requests, enter this command:

EXEC DBMS_XDB.SETHTTPPORT(8087);

If the command is successful, the following message is displayed:

PL/SQL procedure successfully completed.

Platform	Script to Change When Changing the Listener Port for HTTP Connection Requests
Linux	/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/config/scripts/DatabaseHomePage.sh
Windows	C:\oraclexe\app\oracle\product\10.2.0\server\Database_homepage.url

Enab ling Remote HTTP Connection to the Database

After installation, database connection requests with the HTTP protocol are enabled only on the computer on which you installed Oracle Database XE. This means that remote users cannot access the Oracle Database XE graphical user interface (including the Database Home Page). As an administrator, you can enable HTTP access for remote users, thereby enabling them to access the Oracle Database XE graphical user interface.

With remote HTTP access to Oracle Database XE, all information exchanged between the browser and the database is in clear text—that is, unencrypted—including database user names and passwords. If this is cause for concern, do not enable remote HTTP connection to the database.

There are two ways to enable remote HTTP database connection requests:

From the Manage HTTP Access page in the Oracle Database XE graphical user interface
From SQL Command Line, using a PL/SQL package procedure

Enabling Remote HTTP Connection with the Manage HTTP Access Page

To enable remote HTTP connection requests using the Manage HTTP Access page:

Access the Database Home Page. See «Accessing the Database Home Page» for instructions.
Click the Administration icon. The Administration page appears.
In the Tasks list at the right of the page, click Manage HTTP Access . If prompted for administrator credentials, enter the SYSTEM user name and password or another administrator user name and password, and then click Login . See «About Administrative Accounts and Privileges» for more information. The Manage HTTP Access page appears.
Description of the illustration manage_access.gif

Enabling Remote HTTP Connection with SQL Command Line

To enable remote HTTP connection requests using SQL Command Line:

Start SQL Command Line and connect to the database as user SYSTEM . Provide the SYSTEM password that you assigned upon installation (Windows) or configuration (Linux) of Oracle Database XE. See «Connecting Locally with SQL Command Line» or «Connecting Remotely with SQL Command Line» for instructions.
At the SQL Command Line prompt, enter the following command:

EXEC DBMS_XDB.SETLISTENERLOCALACCESS(FALSE);

Port 1521 Details

Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
References: [CVE-2002-0509], [BID-4391]

9 records found

Notes:
Port numbers in computer networking represent communication endpoints. Ports are unsigned 16-bit integers (0-65535) that identify a specific process, or network service. IANA is responsible for internet protocol resources, including the registration of commonly used port numbers for well-known internet services.
Well Known Ports: 0 through 1023.
Registered Ports: 1024 through 49151.
Dynamic/Private : 49152 through 65535.

TCP ports use the Transmission Control Protocol, the most commonly used protocol on the Internet and any TCP/IP network. TCP enables two hosts to establish a connection and exchange streams of data. TCP guarantees delivery of data and that packets will be delivered in the same order in which they were sent. Guaranteed communication/delivery is the key difference between TCP and UDP.

UDP ports use the Datagram Protocol. Like TCP, UDP is used in combination with IP (the Internet Protocol) and facilitates the transmission of datagrams from one computer to applications on another computer, but unlike TCP, UDP is connectionless and does not guarantee reliable communication; it’s up to the application that received the message to process any errors and verify correct delivery. UDP is often used with time-sensitive applications, such as audio/video streaming and realtime gaming, where dropping some packets is preferable to waiting for delayed data.

When troubleshooting unknown open ports, it is useful to find exactly what services/processes are listening to them. This can be accomplished in both Windows command prompt and Linux variants using the «netstat -aon» command. We also recommend runnig multiple anti-virus/anti-malware scans to rule out the possibility of active malicious software. For more detailed and personalized help please use our forums.

What is Port 1521?

Port 1521 is dedicated to Oracle database servers and the clients connecting to them. You can also use it for Oracle Net Services.

Oracle Database Management System and Oracle Net Services

The Oracle database management system allows organizations to efficiently organize, store, and access large amounts of data in a relational database. To manage and use this data, Oracle client applications communicate with Oracle database servers over port 1521, passing commands and other instructions that the server processes.

Oracle Net Services is a layer that operates on top of both Oracle client applications and Oracle database servers. It provides network infrastructure for an Oracle environment that is both scalable and highly available. Due to its underlying dependence on the Oracle database management system, it, too, operates over port 1521.

Clients, Applications, and Database Servers Need Port 1521

For the purposes of efficiency and efficacy, you typically separate — on different computers — Oracle database servers. The database servers store data and process requests made to them and the Oracle client applications that make the requests. In order to communicate, an Oracle client application on one computer must make its requests to an Oracle database server on a different computer over port 1521.

Oracle client applications can include enterprise management systems such as Oracle Financials and database management tools like Oracle’s SQL Developer. They generally both communicate with Oracle database servers by sending commands to them over port 1521 in a language called SQL.

What is Port 1521 Used For?

You use port 1521 to query and manage data and connect to Oracle databases.

Why Would Oracle Apps Need to Query or Manage Data?

When an Oracle enterprise application such as Oracle Financials needs to display data to a user (or to print it), it must first query the data in an Oracle database server over port 1521. It does this by issuing SQL commands. For example, if an application wanted to retrieve all data stored in a database table called Company, it would issue the following query:

SELECT * FROM Company

When database administrators need to manage data in an Oracle database server, they use tools such as SQL Developer over port 1521. Like enterprise applications, these tools manage the data in the database server by issuing SQL commands to it.

What is the Port Used for Oracle Database Connections?

Before any Oracle client application can query or manage data in an Oracle database server, it must first connect to the server over port 1521 so that the server can authenticate it and understand what commands a particular client is authorized to perform.

Oracle database connections can be transient, meaning they close after running a set of SQL commands, or they can be persistent, meaning they remain open until specifically closed.

What are Port 1521 Vulnerabilities?

There are vulnerabilities associated with port 1521, such as brute-force attacks, but you can mitigate them.

Unauthorized Access Attempts with Port 1521

Attackers will often target port 1521 because of the value of data that typically resides behind it. So if you leave this port open, you may receive many unauthorized access attempts. Because of this, it is not unusual for organizations to block this port and use another. However, this will unlikely deter a sophisticated hacker.

Brute-Force Attacks Over Port 1521

Attackers will often use brute-force techniques when targeting port 1521. There are a number of tools, such as nmap, that will enumerate service identifiers (SIDs), which uniquely identify database instances. These same tools can also list account credentials. If an attacker obtains an SID and its credentials, it could potentially access sensitive data, which could have catastrophic consequences for an organization.

How to Mitigate Oracle Database Security Vulnerabilities

There are a number of ways to mitigate Oracle database security vulnerabilities, and organizations will usually employ a set of them. They include:

Keeping critical software always up to date, especially security patches.
Changing the Oracle database port from 1521 to another.
Implementing security policies that will hinder attackers from easily enumerating SIDs and credentials.
Implementing encryption on database servers.

Is TCP Port 1521 Encrypted?

You turn on encryption in an Oracle environment by enabling it on the database server. Once you do this, all communication between Oracle client applications and the database server over port 1521 must be encrypted.

Is Oracle Database Connection 1521 TCP or UDP?

You can use either TCP or UDP as a transport protocol on port 1521, but you most likely use TCP because of the need for data integrity.

This transport layer protocol explainer can help break down the differences between TCP and UDP even further.

Data Integrity Is Essential for Oracle Port 1521

Because data integrity is essential when using most Oracle applications, you will typically use TCP as the transport protocol. This is because with TCP, unlike with UDP, you don’t have to worry about data getting lost, damaged, delivered out of order, or duplicated during transmissions.

Port 1521 and Port Conflicts

Conflicts can arise when using port 1521, but it’s possible to resolve them.

For instance, you may find that there are too many database management systems trying to access port 1521. Only one application can listen to a given port at one time, including port 1521. So if you are trying to start an Oracle database server on port 1521 and are unable to do so because another application is using this port, you must first close this application. You can also have the database server (and the clients that connect) use a different port.

How to Open Port 1521 for Oracle

You open port 1521 on your computer through a setting in your firewall. How you do this is dependent on your operating system and firewall.

Key Takeaways About Port 1521

When using Oracle database products, you will typically use port 1521 for communication between the client apps that make data requests and the database servers that process them.

This well-known port is the default for Oracle’s SQL*Net protocol, and facilitates connections to Oracle databases. Sysadmins and data administrators will regularly encounter port 1521 when configuring and securing Oracle databases, making it a crucial element of database management. Understanding how to use and protect port 1521 is essential for maintaining the security and functionality of your data.