If you have the money to spend on licensing, Oracle Database Vault also can do things like this Stefan ========================= Stefan P Knecht CEO & Founder s@xxxxxxxx 10046 Consulting GmbH Schwarzackerstrasse 29 CH-8304 Wallisellen Switzerland Phone +41-(0)8400-10046 Cell +41 (0) 79 571 36 27 info@xxxxxxxx http://www.10046.ch ========================= On Mon, Aug 31, 2009 at 9:53 PM, Aragon, Gabriel (GE, Corporate, consultant) <gabriel.aragon@xxxxxx> wrote: > Hi all, > > long time no checking this list. I have a security question. I need to > block access to db by IP and username, let's say that I need that user XXXX > can connect ONLY from IP aaa.bbb.ccc.ddd, that is, if user XXXX wants to > connect from another IP, access will be denied. > > I was thinking about using an after logon trigger to detect username and IP > and kill session if it doest fit with required values, but I think this is a > little bit rude. The other option I verified was using sqlnet.ora > configuration but this only filters by IP and I would have to add all > posssible IP's but doesnt filter users, and this is not what I need. > > Any ideas? > > TIA > Gabriel >