| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Those installing Oracle 9i on AIX 5.2L
DUDE... they won't let me PUT a machine in the DMZ (our DMZ is inside one firewall and outside the other 2). I have been trying to 'creatively' put a machine just inside the first firewall (these are NT machines and I do have an account and the IP... so you have me there) and install just the front end to apps on that machine... and have THAT apps installation talk to the same database that the system used by the internal users uses... Essential two distinct servers known to the DNS by two distinct names that are on different segments of the network... one behind one fire wall, one behind three. Don't know if you know anything about apps... but there is this really cool table called FND_PROFILE_OPTION_VALUES that gets all screwed up if you do that... it stores what its other end is called. Whatever front end you install last is the only one the back end knows about. Oh, yeah... and direct editing of any apps table isn't EXACTLY supported (although that is one that you can edit ONE column in and only worry most of the time if you screwed anything up... ).
CAN'T have only one on the client token ring... what if someone hacked it... then they could see... EXACTLY what they could see with this unconfigurable configuration... it just would mean I could actually make the stupid thing WORK and we would wipe the dust off the server that, right now, is sitting there spinning CPU with MKS toolkit, C++ compiler and the OS sitting on it...
April Wells
Oracle DBA/Oracle Apps DBA
Corporate Systems
Amarillo Texas
You will recognize your own path when you come upon it, because you will suddenly have all the energy and imagination you will ever need.
~ Jerry Gillies ~
-----Original Message-----
Sent: Thursday, June 05, 2003 8:25 AM
To: Multiple recipients of list ORACLE-L
April,
and you thought you were alone ... on our most production systems, we have
everything that we need. But when we talk about the machines in the DMZ
(outside the firewall), The security group sometimes goes overboard. Once we
had to put a new oracle install on a new machine. We have an identical
machine inside the firewall. We do our build there,
tar,gzip,scp,gunzip,untar are the steps.
So when we requested the access (with certain steps be done by root), we got everything, except
1. the ip for the machine 2. Firewall post for the machine 3. no user account on the machine for oracle owner
Security rocks ... eventually we gave them a detailed list and everything got fixed in an hour. We still laugh at it at times ...
Raj
April Wells <awells_at_csedge.com> wrote:
We don't GET access to man pages here... they take up too much space... so does the C compiler.
April Wells
Oracle DBA/Oracle Apps DBA
Corporate Systems
Amarillo Texas
The information contained in this communication, including attachments, is strictly confidential and for the intended use of the addressee only; it may also contain proprietary, price sensitive, or legally privileged information. Notice is hereby given that any disclosure, distribution, dissemination, use, or copying of the information by anyone other than the intended recipient is strictly prohibited and may be illegal. If you have received this communication in error, please notify the sender immediately by reply e-mail, delete this communication, and destroy all copies.
Corporate Systems, Inc. has taken reasonable precautions to ensure that any attachment to this e-mail has been swept for viruses. We specifically disclaim all liability and will accept no responsibility for any damage sustained as a result of software viruses and advise you to carry out your own virus checks before opening any attachment.
-- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: April Wells INET: awells_at_csedge.com Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-LReceived on Thu Jun 05 2003 - 09:24:41 CDT
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
 |
 |