Re: tcp.invited_nodes
From: ddf <oratune_at_msn.com>
Date: Wed, 30 Jun 2010 04:51:20 -0700 (PDT)
Message-ID: <5d93b85f-5870-4634-a337-f3eea3a21c8c_at_g22g2000pri.googlegroups.com>
On Jun 29, 3:18 pm, Frank van Bortel <fbor..._at_home.nl> wrote:
> On 06/29/2010 08:39 PM, ddf wrote:
>
> > On Jun 29, 2:01 pm, Chuck<chuckh1958_nos..._at_gmail.com> wrote:
> >> When using this parameter in sqlnet.ora, and specifying host names, are
> >> there any checks performed to see if a hostname has been spoofed?
> >> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> > No. The list is used 'as-is' without any verification via DNS lookup.
>
> > David Fitzjarrell
>
> Not quite, David.
>
> I cannot recall what exactly was the matter,
> but I have had one instance where the listener
> would not start because one of the clients
> mentioned do longer existed.
> Not sure if it was a DNS lookup to find the IP-address,
> or the reverse (and the IP-address (DHCP!) was no
> longer available).
>
> Quite horrible if that's a production system, because
> you will have to go through each and every name (in
> case of DHCP clients) or IP-address (servers)
>
> --
>
> Regards,
>
> Frank van Bortel
Date: Wed, 30 Jun 2010 04:51:20 -0700 (PDT)
Message-ID: <5d93b85f-5870-4634-a337-f3eea3a21c8c_at_g22g2000pri.googlegroups.com>
On Jun 29, 3:18 pm, Frank van Bortel <fbor..._at_home.nl> wrote:
> On 06/29/2010 08:39 PM, ddf wrote:
>
> > On Jun 29, 2:01 pm, Chuck<chuckh1958_nos..._at_gmail.com> wrote:
> >> When using this parameter in sqlnet.ora, and specifying host names, are
> >> there any checks performed to see if a hostname has been spoofed?
> >> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> > No. The list is used 'as-is' without any verification via DNS lookup.
>
> > David Fitzjarrell
>
> Not quite, David.
>
> I cannot recall what exactly was the matter,
> but I have had one instance where the listener
> would not start because one of the clients
> mentioned do longer existed.
> Not sure if it was a DNS lookup to find the IP-address,
> or the reverse (and the IP-address (DHCP!) was no
> longer available).
>
> Quite horrible if that's a production system, because
> you will have to go through each and every name (in
> case of DHCP clients) or IP-address (servers)
>
> --
>
> Regards,
>
> Frank van Bortel
That was likely an operating system check on connectivity rather than Oracle verifying the location. The OP was asking, if I read this correctly, about spoofed IP addresses indicating to me that the actual server still exists but some unscrupulous malcontent is attempting to connect via a spoofed IP. I doubt Oracle would catch such an occurrence, happily allowing the spoofed access to the server.
David Fitzjarrell Received on Wed Jun 30 2010 - 06:51:20 CDT