RE: Monitoring Port 1521

>> Oracle and the DBA worked may hours attempting this
>> could not get multiple listeners at different security levels working

Interesting will not work "on the same server"?

How about this.
Set up a listener on another server-X with different security levels. Have the/your database on server-Y "register" with the remote listener on server-X.

Metalink has steps on setting "remote listener" up...little painful but maybe...

Chris Marquez
Oracle DBA

-----Original Message-----
From: oracle-l-bounce_at_freelists.org on behalf of Daniel Looby Sent: Fri 5/20/2005 2:28 PM
To: oracle-l_at_freelists.org
Subject: Monitoring Port 1521  

We have an application that makes use of port 1521 for an oracle listener. The port is totally blocked outside of a domain and so the security level is set to 'request' for encryption.

But now there is a need for a system outside of the domain to have access via an oracle listener. But in this case we need to insure that all traffic is encrypted.

Our DBA (hey, I'm the poor support person) worked with Oracle to try to set up a second listener on another port with the security level set to 'encrypt'. Oracle and the DBA worked may hours attempting this, but found they could not get multiple listeners at different security levels working (anyone successful at this?).

Drop to Plan B. Set up a second listener (same security level) on another port and open that port to the other system. Now the only problem is to ensure that all traffic is encrypted. We have a 'promise' from the other system that it will always encrypt requests.

To ensure that we are doing due diligence how can one monitor and recognize that the traffic is actually encrypted? If we find that it isn't then we want to re-enable our firewall to block them.

Suggestions? Solutions? Help!

Dan

--
http://www.freelists.org/webpage/oracle-l



--
http://www.freelists.org/webpage/oracle-l