
restricting network ports on oracle clients

From: <raff32_at_my-deja.com>
Date: Thu, 19 Aug 1999 19:14:13 GMT
Message-ID: <7phl1o$bj0$1@nnrp1.deja.com>


I have currently run into a security problem with Net8 and was wondering if you could help me out or spread some light on the issue for me. I want to configure the Oracle clients to connect to the database using a specified range of ports. I assume this configuration will go in the tnsnames.ora file, but I do not know the syntax, nor have I been able to find an example.
Here's a sample tnsnames file to help my explanation.

DB2 =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = MY.DATABASE.COM)(PORT = 1521))
    (CONNECT_DATA = (SID = ORCL))
  )

This tells the client to connect up to the Oracle listener at MY.DATABASE.COM on port 1521. (That's easy.) What I want to do is restrict what port Oracle replies on. Security wants to close all ports that are not being used by a firewall and wants me to give them specific ports or a range of ports where Oracle will communicate with the clients. Currently the database is replying on ports in a range from 30000 to 50000, but this depends on the box that makes the call. Each box seems to be in a restricted range.

Here is an example from the listener.log

(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CLIENT.COM)(USER=CLIENT))) * (ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=33022)) * establish * orcl* 0

Here the listener is replying to MY.CLIENT.COM on port 33022. I want to configure the ports or range of ports where the listener responds. I assume this is done in either the tnsnames.ora on the client or the listener.ora on the server. (My guess is tnsnames with a parameter called source, but I have not been able to find an example.) Can you help me out with this? Maybe send me a tnsnames.ora that has this configured so I can see the syntax. Point to the correct documentation or something.
Thanks in advance.

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

Received on Thu Aug 19 1999 - 14:14:13 CDT
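
An added example, not part of the original post: a Python script that parses listener.log entries of the shape quoted above and reports, per client host named in the CID, the lowest and highest port recorded in the ADDRESS field, which is the inventory a firewall team would ask for before writing rules. The sample log lines are constructed, and the function names parse_tns and port_ranges are hypothetical.

```python
from collections import defaultdict

# Constructed sample entries in the shape of the listener.log line quoted in the post.
# The last entry is deliberately truncated (unbalanced parentheses) and must be skipped.
SAMPLE_LOG = """\
(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CLIENT.COM)(USER=CLIENT))) * (ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=33022)) * establish * orcl * 0
(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CLIENT.COM)(USER=CLIENT))) * (ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=33187)) * establish * orcl * 0
(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=OTHER.CLIENT.COM)(USER=CLIENT))) * (ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=41250)) * establish * orcl * 0
(CONNECT_DATA=(SID=ORCL)(CID=(PROGRAM=)(HOST=MY.CLIENT.COM)(USER=CLIENT) * (ADDRESS=(PROTOCOL=tcp)(HOST=MY.DATABASE.COM)(PORT=39999)) * establish * orcl * 0
"""

def parse_tns(text):
    """Parse a nested '(KEY=value)(KEY=(SUB=value))' string into nested dicts."""
    text = text.strip()
    pos = 0

    def group():
        nonlocal pos
        out = {}
        while pos < len(text) and text[pos] == "(":
            eq = text.index("=", pos)              # ValueError if '=' is missing
            key = text[pos + 1:eq].strip().upper()
            pos = eq + 1
            if text[pos:pos + 1] == "(":           # value is itself a group
                value = group()
            else:                                  # leaf value, possibly empty
                end = text.index(")", pos)
                value, pos = text[pos:end].strip(), end
            if text[pos:pos + 1] != ")":
                raise ValueError("unbalanced parentheses")
            pos += 1
            out[key] = value
        return out

    parsed = group()
    if pos != len(text):
        raise ValueError("trailing text after TNS value")
    return parsed

def port_ranges(log_text):
    """Return {client_host: (lowest_port, highest_port, distinct_ports)}."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        fields = [f.strip() for f in line.split(" * ")]
        try:
            connect = next(f for f in fields if f.upper().startswith("(CONNECT_DATA="))
            address = next(f for f in fields if f.upper().startswith("(ADDRESS="))
            client = parse_tns(connect)["CONNECT_DATA"]["CID"]["HOST"]
            port = int(parse_tns(address)["ADDRESS"]["PORT"])
        except (StopIteration, ValueError, KeyError, TypeError):
            continue  # not a connection entry, or a malformed one
        seen[client.upper()].add(port)
    return {host: (min(p), max(p), len(p)) for host, p in sorted(seen.items())}
```
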
