restricting network ports on oracle client

I have currently run into a security problem with net8 and was wondering
if you could help me out
or spread some light on the issue for me. I want to configure the
Oracle clients to connect
to the database using a specified range of Ports. I assume this
configuration will go in the tnsnames.ora file but I do not know the syntax nor have I been able to find an
example.
Here's a sample tnsnames file to help my explanation.

DB2 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST =
MY.DATABASE.COM)(PORT = 1521))
    (CONNECT_DATA = (SID = ORCL))
  )

This tells the client to connect up to the oracle listener at
MY.DATABASE.COM on port 1521.
(thats easy) What I want to do is restrict what
port oracle replies on.
Security wants to close all ports that are not being used by a firewall
and want me to give them specific ports or a range of ports where oracle will communicate with the clients.
Currently the database is replying
on ports in a range from 30000 to 50000, but this depends on the box
that makes the call. Each box
seems to be in a restricted range.

Here is an example from the listener.log

(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CL
IENT.COM)(USER=CLIENT)))
*
(ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT
=33022)) * establish *
orcl* 0

Here the listener is replying to MY.CLIENT.COM on port 33022. I want to
configure the ports or range
of ports where the listener responds. I assume this is done in either
the tnsnames.ora on the client or
the listener.ora on the server. (my guess is tnsnames with a parameter
called source but I have not been
able to find an example). Can you help me out with this. Maybe send
me a tnsnames.ora
that has this configured so I can see the syntax. Point to the correct
documentation or something.
Thanks in advance.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't. Received on Thu Aug 19 1999 - 13:45:30 CDT