Re: Bequeath connections

From: Shakespeare <>
Date: Fri, 29 Jan 2010 20:17:50 +0100
Message-ID: <4b63344c$0$22944$>

Op 29-1-2010 20:10, Maxim Demenko schreef:
> On 29.01.2010 18:17, joel garry wrote:
>> On Jan 29, 1:47 am, Shakespeare<> wrote:
>>> Op 29-1-2010 3:30, vsevolod afanassiev schreef:> Thanks for this
>>> information. It seems that there are 4 lines in this
>>>> view for each session.
>>>> If session connected through listener then first line has
>>>> network_service_banner = 'TCP/IP NT Protocal Adapter'
>>>> If session connected through Bequeath then first line has
>>>> network_service_banner = 'Oracle Bequeath Network Protocol Adapter'
>>>> What's about next 3 lines? They start from 'Oracle Advanced
>>>> Security...' - I thought that
>>>> Advanced Security is separately licensed option - and we don't even
>>>> install it!
>>> Then maybe your DBA forgot to deactivate it. If you don't do so, the
>>> License Police may require you to pay the license.... even if you NEVER
>>> used it.
>>> Shakespeare
>> Hmmm, I see the four entries per connection, but I don't see anything
>> about Advanced Security in DBA_FEATURE_USAGE_STATISTICS or V_$OPTION
>> (
>> Maybe this is evidence of one of those things that are there for
>> Oracle internal usage but not generally seen unless you install it? I
>> don't have an Advanced Security to check. Given the high visibility
>> of security issues, I would hope the base product would be secure...
>> jg
>> --
>> is bogus.
>> The perfectability of spam

> Afaik, in the base product secured is only password transfer, nothing
> more, if you want your data to be transferred secure, you'll need either
> use secure channel (ipsec,tunnel over ssh,etc) or enable advanced
> security option. To my knowledge, ASO is installed, if you select
> enterprise edition, you can only deselect it if you choose custom
> install. The fact, that it is not reflected in
> dba_feature_usage_statistics is explained in the Note 843077.1
> <quote>
> The code changes in has isolated Oracle Advanced Security
> options as a set of adapters rather than feature in the database , due
> to which ASO should not be seen in DBA_FEATURE_USAGE_STATISTICS itself .
> </quote>
> However, due to bug 5475037 it still may be shown there.

> Whether the ASO is installed, can be verified with the shell script
> adapters, which yield output similar to

> oracle$ adapters

> Installed Oracle Net transport protocols are:


> Installed Oracle Net naming methods are:

> Local Naming (tnsnames.ora)
> Oracle Directory Naming
> Oracle Host Naming
> Error!!! Oracle Names Server Naming is not completely installed!

> Installed Oracle Advanced Security options are:

> RC4 40-bit encryption
> RC4 56-bit encryption
> RC4 128-bit encryption
> RC4 256-bit encryption
> DES40 40-bit encryption
> DES 56-bit encryption
> 3DES 112-bit encryption
> 3DES 168-bit encryption
> AES 128-bit encryption
> AES 192-bit encryption
> AES 256-bit encryption
> MD5 crypto-checksumming
> SHA-1 crypto-checksumming
> Kerberos v5 authentication
> RADIUS authentication

> I think, to install ASO is not a violation against license terms, if it
> is not used, however i'm not sure, how oracle track the usage of it (as
> opposite to options in dba_feature_usage_statistics).

> To deinstall ASO the most straightforward way would be via launch
> runInstaller.
> There is a Note 1020065.102 which describes, how to remove all external
> references to authentication adapters for Oracle 7.3, which basically
> consists of regeneration of nautab.o (the script genautab produces the
> code) and recompilation all oracle components (rdbms, network, etc),
> but, it seems, genautab is no more included since oracle 9i (in Oracle
> 8i it is still here), and, maybe the process doesn't fully apply to
> recent Oracle versions, so the Oracle Installer would be the right choice.

> Best regards

> Maxim

To my experience, Oracle LMS (License Management Services) checks if the option is unchecked in Enterprise Manager. I am not sure though, if this option still shows up there, have no installation available at the moment. For other options/packs: a check means installed means used means have to pay (according to Oracle).

Shakespeare Received on Fri Jan 29 2010 - 13:17:50 CST

Original text of this message