On 3/6/06, Tony Jambu <tjambu_freelists@xxxxxxxxxxxx> wrote: > The client made a decision in the past about letting SQL Net thru the > FW. Not much I can do there now. Oracle Advance Security is > probably not an option the client will go with but no harm discussing it. In this sort of situation I prefer to use the port-forwarding capabilities of OpenSSH... this way you at least require strong authentication before allowing access. With a fairly small amount of configuration effort, you can actually lock down the OpenSSH daemon pretty tightly. Managing the user side is, admittedly, a bit more demanding. Much of this can be alleviated, however, by setting up a standard PuTTY configuration which could simply be emailed to the relevant users. -- "I'm too sexy for my code." - Awk Sed Fred. -- //www.freelists.org/webpage/oracle-l