RE: Firewalling Oracle

Jared,  

>What problems did you run into with it?
 

Forgetting to change it when an ip address changed.  

>Was it worth the trouble in your opinion?
 

I was able to sleep better at night.  

We have two boxes that were briefly sitting outside of a firewall. This is when I implemented the TCP.INVITED_NODES parameter. Since that time, these boxes have been moved into a more secure area of the network. But since they are outside our corporate firewall I left the parameter in place. I've never really had any problems, except when the IP address of the invited nodes changed. They were NATted addresses, so it took me a little while to figure out that it wasn't a firewall problem.  

Jay

From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Jared Still Sent: Wednesday, January 11, 2006 2:09 PM To: Oracle-L Freelists
Subject: Firewalling Oracle

Hello,

I'm curious how many folks have used the the TCP.VALIDNODE_CHECKING, TCP.EXCLUDED_NODES and/or TCP.INVITED_NODES parameters to restrict database access.

What problems did you run into with it?

Was it worth the trouble in your opinion?

Thanks,

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use of the \ individual or entity to which they are addressed and may contain information that is \ privileged, proprietary and confidential. If you are not the intended recipient, you may \ not use, copy or disclose to anyone the message or any information contained in the \ message. If you have received this communication in error, please notify the sender and \ delete this e-mail message. The contents do not represent the opinion of D&E except to the \ extent that it relates to their official business. Received on Wed Jan 11 2006 - 21:06:44 CST