Re: restricting listener access

FM <fabrizio.magni_at_mycontinent.com> wrote in message news:<2eu2d.264764$OR2.12001629_at_news3.tin.it>...
> Hello,
> I'm looking for a way to restrict oracle listener to accept commands
> from the local machine only, so forbidding remote administration.
>
> I particular I'd like to avoid a situation such:
>
> machine1 (ip1, listener1)
> machine2 (ip2, net8 installed).
>
> ip1 != ip2
>
> On machine one is configured a listener.ora with listener1 entry
> (pointing to ip1).
>
> When issued:
>
> lsnrctl stop
>
> on machine2 the listener is indeed stopped but on machine1.
>
> Is there a way to stop such events?
> Password and firewall are not good options... :(
>
> (By the way: it was tested on 8.1.7.x databases. I don't know if it is
> still valid for 9i and 10g: I'm trying soon).

The "problem" still exists in 9i. I can't test on 10g since I only have one installation of 10g on my PC so I can't remotely stop the listener (my remote machine has 9i; attempting to stop it returns TNS-12618: TNS:versions are incompatible).

The commands you can send this way are stop, save_config and reload. See item 16 at http://rootshell.be/~yong321/computer/OracleIdiosyncrasies.html. A few years ago I opened a Tar with Oracle for a better solution. They told me setting password in listener.ora is the only way.

Yong Huang Received on Tue Sep 21 2004 - 09:22:17 CDT