Dennis wrote an interesting blog entry about an experiment he conducted.

He found that roughly one in every 69,000 randomly scanned IP addresses has an open Oracle TNS Listener. That’s interesting because we all know that there are numerous attacks on (even fully patched) listeners that do not require any authentication.

Looking at the listener versions, you can see that many of them no longer even receive patches from Oracle. This is like leaving your door wide open and putting up a big sign inviting hackers to come in, especially given the many working exploits out there.

I didn’t try it, but I’d bet that many of these listeners do not even require a password. Come on, people, at least keep your database behind a firewall!