Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Net8 - restricting remote acces by IP Address
A copy of this was sent to "Jeremy Ovenden" <jovenden_at_hazelweb.co.uk>
(if that email address didn't require changing)
On Sun, 28 Nov 1999 19:18:27 -0000, you wrote:
>
>I understand it is possible to restrict which clients have access to a
>database using IP address restrictions with Net8. Does anyone have any
>experience of this (reliability, performance implications etc.), and is it
>straightforward to configure? We are on 8.0.6 (standard edition) on Solaris
>2.6.
>
>Thanks in advance
>Jeremy Ovenden
>
>
>
This was added in 2.x of SQLNet actually. It is called validnode verification. Here is a short blurb from the network guide:
<quote>
Validnode Verification
The objective of Validnode verification is to restrict connection access of network clients to those with enabling host privilege. The access list is in the PROTOCOL.ORA file. The list is dynamic and used by the Validnode component to decide on granting access to incoming connection requests.
To activate Validnode checking, the following parameter must be entered in PROTOCOL.ORA:
protocol.validnode_checking = yes
For example, for the TCP/IP protocol, the parameter would be:
tcp.validnode_checking = yes
</quote>
See the guides for more info on setting up the protcol.ora file. No real performance implications.
--
See http://osi.oracle.com/~tkyte/ for my columns 'Digging-in to Oracle8i'...
Current article is "Part I of V, Autonomous Transactions" updated June 21'st
Thomas Kyte tkyte_at_us.oracle.com Oracle Service Industries Reston, VA USA
Opinions are mine and do not necessarily reflect those of Oracle Corporation Received on Sun Nov 28 1999 - 17:04:44 CST