Hi Dave, How about using an AFTER LOGON trigger ? Sent from BlackBerry® on Airtel -----Original Message----- From: David Mann <dmann99@xxxxxxxxx> Sender: oracle-l-bounce@xxxxxxxxxxxxx Date: Thu, 12 Sep 2013 12:51:25 To: Martin Klier<usn@xxxxxxxxx> Reply-To: dmann99@xxxxxxxxx Cc: Mark.Bobak@xxxxxxxxxxxx<Mark.Bobak@xxxxxxxxxxxx>; oracle-l@xxxxxxxxxxxxx<oracle-l@xxxxxxxxxxxxx> Subject: Re: Keeping a DB from Phoning Home... Thanks for the suggestions, I will push the networking angle more when I meet with the sysadmin. The biggest risk is probably from DB links which can be mitigated, but to be 100% sure looks like isolating it in a subnet or with firewall is the most reliable route. (Pun intended!) On Thursday, September 12, 2013, Martin Klier wrote: > Hi David, > > I agree with Mark - but my first thought was: "Why not putting it behind > a firewall, not allowing outgoing connections, and only allow the app > server to connect in [to Port 1521 via TNS]?" > > Maybe easier to achieve than reconfiguring a legacy system to a new subnet. > > HTH > Martin Klier > > > Mark Bobak schrieb: > > If you're not sure how to do that, you may want to have a chat with your > > network engineering group. It should be pretty trivial to set up. > > > > -- > Usn's IT Blog for Oracle and Linux > http://www.usn-it.de > > -- Dave Mann General Geekery | www.brainio.us Database Geekery | www.ba6.us | @ba6dotus | http://www.ba6.us/rss.xml -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l