Re: Block db access by IP and username

  • From: vamshi krishna <vamshireddy_1@xxxxxxxxxxx>
  • To: Richard.Goulet@xxxxxxxxxxx, gabriel.aragon@xxxxxx, oracle-l@xxxxxxxxxxxxx
  • Date: Tue, 1 Sep 2009 04:15:58 +0530 (IST)

Use this option; it's very efficient.


TCP.EXCLUDED_NODES
Purpose

Use the parameter TCP.EXCLUDED_NODES to specify which clients are denied access 
to the database.

Syntax

TCP.EXCLUDED_NODES=(hostname | ip_address, hostname | ip_address, ...)

Example

TCP.EXCLUDED_NODES=(finance.us.acme.com, mktg.us.acme.com, 144.25.5.25)
 
 
TCP.INVITED_NODES
Purpose

Use the parameter TCP.INVITED_NODES to specify which clients are allowed access 
to the database. This list takes precedence over the TCP.EXCLUDED_NODES 
parameter if both lists are present.

Syntax

TCP.INVITED_NODES=(hostname | ip_address, hostname | ip_address, ...)

Example

TCP.INVITED_NODES=(sales.us.acme.com, hr.us.acme.com, 144.185.5.73)
  
TCP.VALIDNODE_CHECKING




________________________________
From: "Goulet, Richard" <Richard.Goulet@xxxxxxxxxxx>
To: gabriel.aragon@xxxxxx; oracle-l@xxxxxxxxxxxxx
Sent: Monday, August 31, 2009 1:00:53 PM
Subject: RE: Block db access by IP and username


"I was thinking about using an after logon trigger to detect username and IP
and kill session if it doesn't fit with required values, but I think this is a
little bit rude."

No it isn't.

Dick Goulet
Senior Oracle DBA/NA Team Lead
PAREXEL International
 


________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Aragon, Gabriel (GE, Corporate, consultant)
Sent: Monday, August 31, 2009 3:53 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Block db access by IP and username


Hi all,

Long time no checking this list. I have a security question. I need to block
access to db by IP and username, let's say that I need that user XXXX can
connect ONLY from IP aaa.bbb.ccc.ddd, that is, if user XXXX wants to connect
from another IP, access will be denied.

I was thinking about using an after logon trigger to detect username and IP
and kill session if it doesn't fit with required values, but I think this is a
little bit rude. The other option I verified was using sqlnet.ora configuration
but this only filters by IP and I would have to add all possible IPs but
doesn't filter users, and this is not what I need.
 
Any ideas?
 
TIA
Gabriel
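
The after-logon trigger approach discussed in this thread, sketched as an added example that is not part of any poster's message. The table name, trigger name, user APP_USER and address 192.0.2.10 are hypothetical values constructed for illustration.

```sql
-- Added example: per-user IP allowlist enforced at logon.
-- Create as a privileged owner; a database-level trigger requires the
-- ADMINISTER DATABASE TRIGGER privilege. All object names are hypothetical.
CREATE TABLE logon_ip_rules (
  username   VARCHAR2(128) NOT NULL,
  ip_address VARCHAR2(45)  NOT NULL,
  CONSTRAINT logon_ip_rules_pk PRIMARY KEY (username, ip_address)
);

-- Constructed sample rule: APP_USER may connect only from 192.0.2.10.
INSERT INTO logon_ip_rules (username, ip_address)
VALUES ('APP_USER', '192.0.2.10');
COMMIT;

CREATE OR REPLACE TRIGGER trg_logon_ip_check
AFTER LOGON ON DATABASE
DECLARE
  v_user    VARCHAR2(128) := SYS_CONTEXT('USERENV', 'SESSION_USER');
  v_ip      VARCHAR2(45)  := SYS_CONTEXT('USERENV', 'IP_ADDRESS');
  v_rules   PLS_INTEGER;
  v_matches PLS_INTEGER;
BEGIN
  -- Count this user's rules and how many of them match the client address.
  SELECT COUNT(*),
         COUNT(CASE WHEN ip_address = v_ip THEN 1 END)
    INTO v_rules, v_matches
    FROM logon_ip_rules
   WHERE username = v_user;

  -- Users with no rule are unrestricted. A user with rules is rejected
  -- unless the address matches; IP_ADDRESS is NULL for local (bequeath)
  -- connections, so those never match and are rejected as well.
  IF v_rules > 0 AND v_matches = 0 THEN
    RAISE_APPLICATION_ERROR(
      -20001,
      'Logon denied for ' || v_user || ' from ' ||
      NVL(v_ip, 'a local connection'));
  END IF;
END;
/
```

Logon-trigger errors do not stop users holding ADMINISTER DATABASE TRIGGER (DBA accounts, for example), so the restricted account must not have that privilege. A trigger that fails for any other reason, such as a missing rules table, rejects every non-privileged logon, so keep a privileged session open while testing it.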


      
