RE: Prevent connections for some users through SQL*Plus, TOAD

From: Yong Huang <yong321_at_yahoo.com>
Date: Tue, 3 Jun 2008 11:47:54 -0700 (PDT)
Message-ID: <754885.7451.qm@web80606.mail.mud.yahoo.com>

How about check v$session.module instead of program? It's much harder to hack that, especially on recent versions of Toad. This question was asked before. See
http://groups.google.com/group/comp.databases.oracle.server/browse_frm/thread/6eedd341d44157be

Not directly related. I've looked into the toad.exe before. See http://yong321.freeshell.org/oranotes/ToadAndAlternatives.html

Sql*Plus is of course easy to stop.

Yong Huang

> Subject: RE: Prevent connections for some users through SQL*Plus, TOAD
> Date: Mon, 2 Jun 2008 14:14:04 +0100
> From: "John Hallas" <john.hallas_at_bjss.co.uk>
>
> If you search the archives for logon trigger and TOAD you will see quite
> a few examples of useful code.
>
> The biggest problem is that there is nothing stop a user renaming
> toad.exe to fred.exe which bypasses the trigger.
>
> I have sent a e-mail with a post that is in my archives which provides
> some good.
>
> John
> www.jhdba.wordpress.com

--
http://www.freelists.org/webpage/oracle-l

Received on Tue Jun 03 2008 - 13:47:54 CDT

This message: [ Message body ]
Next message: Newman, Christopher: "utlrp and show errors"
Previous message: Koivu, Lisa: "Grid Control preferred credentials"
Maybe in reply to: Ricardo Santos: "Prevent connections for some users through SQL*Plus, TOAD"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message