Oracle EM Console security

It’s probably not a wise idea to allow SYSDBAs to connect to Oracle’s Enterprise Manager Console (actually it’s a Web application) over HTTP. Someone could sniff the password and have access to the database.

Create a secure SSH tunnel:

ssh -L 5501:localhost:5501 server.thatrunsoracle.example.com

So I run the above line from my workstation and then connect to localhost:5501/em

Gotcha: Make sure the local and remote port are the same! EM doesn’t work otherwise.

P.S. I’m available for Oracle security auditing for just 100UKP an hour.

Found any of my content useful?