Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> restricting network ports on oracle client
I have currently run into a security problem with
net8 and was wondering
if you could help me out
or spread some light on the issue for me. I want
to configure the
Oracle clients to connect
to the database using a specified range of Ports.
I assume this
configuration will go in the tnsnames.ora
file but I do not know the syntax nor have I been
able to find an
example.
Here's a sample tnsnames file to help my
explanation.
DB2 =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST =
MY.DATABASE.COM)(PORT = 1521))
(CONNECT_DATA = (SID = ORCL))
)
This tells the client to connect up to the oracle
listener at
MY.DATABASE.COM on port 1521.
(thats easy) What I want to do is restrict what
port oracle replies on.
Security wants to close all ports that are not
being used by a firewall
and want me to give them specific ports
or a range of ports where oracle will communicate
with the clients.
Currently the database is replying
on ports in a range from 30000 to 50000, but this
depends on the box
that makes the call. Each box
seems to be in a restricted range.
Here is an example from the listener.log
(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CL
IENT.COM)(USER=CLIENT)))
*
(ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT
=33022)) * establish *
orcl* 0
Here the listener is replying to MY.CLIENT.COM on
port 33022. I want to
configure the ports or range
of ports where the listener responds. I assume
this is done in either
the tnsnames.ora on the client or
the listener.ora on the server. (my guess is
tnsnames with a parameter
called source but I have not been
able to find an example). Can you help me out
with this. Maybe send
me a tnsnames.ora
that has this configured so I can see the syntax.
Point to the correct
documentation or something.
Thanks in advance.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
Received on Thu Aug 19 1999 - 13:45:30 CDT