RE: Firewalling Oracle

  • From: "Hostetter, Jay M" <JHostetter@xxxxxxxxxxxxxxxxxxxx>
  • To: "Oracle-L Freelists" <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 11 Jan 2006 15:06:44 -0500

>What problems did you run into with it? 
Forgetting to change it when an ip address changed.
>Was it worth the trouble in your opinion?
I was able to sleep better at night.
We have two boxes that were briefly sitting outside of a firewall.  This
is when I implemented the TCP.INVITED_NODES parameter.  Since that time,
these boxes have been moved into a more secure area of the network.  But
since they are outside our corporate firewall I left the parameter in
place.  I've never really had any problems, except when the IP address
of the invited nodes changed.  They were NATted addresses, so it took me
a little while to figure out that it wasn't a firewall problem.


From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Jared Still
Sent: Wednesday, January 11, 2006 2:09 PM
To: Oracle-L Freelists
Subject: Firewalling Oracle


I'm curious how many folks have used the the TCP.VALIDNODE_CHECKING, 
TCP.EXCLUDED_NODES and/or TCP.INVITED_NODES parameters to restrict
database access.

What problems did you run into with it? 

Was it worth the trouble in your opinion?


Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

This e-mail message and any files transmitted with it are intended for the use 
of the individual or entity to which they are addressed and may contain 
information that is privileged, proprietary and confidential. If you are not 
the intended recipient, you may not use, copy or disclose to anyone the message 
or any information contained in the message. If you have received this 
communication in error, please notify the sender and delete this e-mail 
message. The contents do not represent the opinion of D&E except to the extent 
that it relates to their official business.

Other related posts: