| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: 9iAS security?
Comments embedded.
Stephan wrote:
> Hi,
>
> We want to setup:
> 2 W2000 machines: 1 with 9iAS and 1 with Oracle 9i database
> Both behind firewall.
>
> Can someone point me to the right direction?:
> - on the database: the listener.ora --> I only need simple access to the
> database, so I can delete the EXTERNAL_PROCEDURE part?
Yes, you can delete (or comment out) that part.
> - on the database: sqlnet.ora --> can I filter on IP --> to allow only the
> 9iAS machine to connect (on port 1521?)
Well, sqlnet.ora is a client-side parameter file. What you want is a
server-side parameter file or feature instead. The only server-side
network parameter file is listener.ora. What you are describing is
normally setup in the firewall, not the database.
> - on the 9iAS --> how to secure this machine? We want to run Forms
> Server/Reports Server and JSP.
How to secure each of the tiers? Well now, that's the subject of many
books and manuals. Much more than a simple NG answer. A while back, I
posted the URL of a white paper: Database Security in Oracle 8i, which
contains info about securing multiple tiers:
http://technet.oracle.com/deploy/security/pdf/oow99/dbswp86.pdf
You can also find a vendor paper: Hackproofing Oracle9iAS at:
There are zillions of resources, including Oracle manuals on security. You can find a searchable set of online manuals at:
Do a Google search and you'll get more hits than you can wade thru.
>
> Thanks
> Stephan
>
>
>
Received on Mon Jan 20 2003 - 15:03:24 CST
 |
 |