Re: Is the client IP address available

This is exactly what I need. Thanks!
BTW, for those of you worried about security, I do not intend to use the IP address for security; rather I am trying to produce a tool which will broadcast messages to all users currently logged into the server... This should do the trick.

Kevin

Mike Morgan wrote:

> In 8.1.5 you can SELECT SYS_CONTEXT('USERENV','IP_ADDRESS') FROM DUAL to get
> your client's ip address.
>
> Eugene Firyago <efiryago_at_bisys.com> wrote in message [Quoted]
> news:8bqi5p$ss0$1_at_bob.news.rcn.net...
> > Check with Oracle8i (8.1.6) Supplied Packages Reference for the UTL_TCP
> > package.
> >
> > Eugene.
> >
> > Billy Verreynne <vslabs_at_onwe.co.za> wrote in message
> > news:8bqaic$fep$1_at_ctb-nnrp1.saix.net...
> > > Kevin Wise wrote in message <8booah$ia6$1_at_schbbs.mot.com>...
> > > >Is there any way to determine the IP address of the client from PL/SQL
> or
> > > >Java? I am trying to write a trigger that records the IP address where
> > > >certain changes are coming from. Thanks!
> > >
> > >
> > > My guess is no. If you're lucky, the client may specify an ip address in
> > the
> > > connection string that you can pick up in V$SESSIONS - e.g. Cognus'
> > > Impromptu tool used to do (still does?) this.
> > >
> > > On NT for example, the domain (or workgroup) and NetBIOS name of the
> > machine
> > > is specified (a feature of SQL*Net/Net8 on NT I believe).
> > >
> > > But there are several problems doing this type of thing.
> > >
> > > Not all clients specify the same type of connection strings, which
> renders
> > > the machine column in V$SESSION inconsistent. To access the V$SESSION
> > table
> > > requires DBA privs which may not be a good idea to grant for the owner
> of
> > > the trigger.
> > >
> > > Then there's the concept of using IP addresses - an ip address is very
> > > easily changed or spoofed. This can not be used to try and identify the
> > > machine who originated the change in data in Oracle. A better "address"
> is
> > > the physical Mac address of the network card. But even then, it is very
> > easy
> > > to walk into the office, slap in a network card from home into the PC
> and
> > > then change Oracle data to your heart's content without the slightest
> fear
> > > in being traced.
> > >
> > > IMHO, logging ip addresses may seem like a good idea, but it a waste of
> > time
> > > and resources and seldom achieve anything. Especially if the plan is to
> > use
> > > this for auditing and security purposes. It is really not difficult
> > hitting
> > > a target machine with a DoS attack and then spoofing that machine's IP
> > > address. Even ordinary users in your organisation can do this by simply
> > > downloading the right "tools" from the web (speaking here from personal
> > > experiences).
> > >
> > > Remember, that Oracle provides extensive security. It's a good idea to
> use
> > > it. The operating system Oracle runs on (be it NT or Unix) also provides
> > > security. Use it. If network security is critical, then use a firewall
> to
> > > protect your servers. If you need a middle layer between the client and
> > the
> > > server, then use 3 tier architecture and an application server that
> plays
> > > cop.
> > >
> > > Security is often an afterthought in database design and client-server
> > > implementations. And to be honest (without knowing the details of why
> you
> > > want to do this), recording ip addresses -sounds- to me a lot like a
> mere
> > > security afterthought.
> > > [Quoted]
> > > My crazed thoughts on the subject anyway... :-)
> > >
> > > regards,
> > > Billy
> > >
> > >
> > >
> >
> >
Received on Tue Apr 11 2000 - 22:30:36 CEST