Re: tcp.invited_nodes
From: Frank van Bortel <fbortel_at_home.nl>
Date: Tue, 29 Jun 2010 21:18:16 +0200
Message-ID: <290d0$4c2a46f9$524ba3af$14543_at_cache3.tilbu1.nb.home.nl>
On 06/29/2010 08:39 PM, ddf wrote:
> On Jun 29, 2:01 pm, Chuck<chuckh1958_nos..._at_gmail.com> wrote:
>> When using this parameter in sqlnet.ora, and specifying host names, are
>> there any checks performed to see if a hostname has been spoofed?
>> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> No. The list is used 'as-is' without any verification via DNS lookup.
>
>
> David Fitzjarrell
Date: Tue, 29 Jun 2010 21:18:16 +0200
Message-ID: <290d0$4c2a46f9$524ba3af$14543_at_cache3.tilbu1.nb.home.nl>
On 06/29/2010 08:39 PM, ddf wrote:
> On Jun 29, 2:01 pm, Chuck<chuckh1958_nos..._at_gmail.com> wrote:
>> When using this parameter in sqlnet.ora, and specifying host names, are
>> there any checks performed to see if a hostname has been spoofed?
>> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> No. The list is used 'as-is' without any verification via DNS lookup.
>
>
> David Fitzjarrell
Not quite, David.
I cannot recall what exactly was the matter,
but I have had one instance where the listener
would not start because one of the clients
mentioned do longer existed.
Not sure if it was a DNS lookup to find the IP-address,
or the reverse (and the IP-address (DHCP!) was no
longer available).
Quite horrible if that's a production system, because you will have to go through each and every name (in case of DHCP clients) or IP-address (servers)
-- Regards, Frank van BortelReceived on Tue Jun 29 2010 - 14:18:16 CDT