Re: need better security with SQL*Net and ORASRV

In article <1992Oct29.181750.1_at_bbs.mdcbbs.com>, you write:
> I have a system running Oracle that has an ORASRV process running.
> My users that have local accounts also have OPS$ accounts so they
> can get automatic logins.
>
> My problem is with the ORASRV process running I cannot prevent (at
> least so far) ANY user from ANY other system running Oracle from gaining
> access to MY system's Oracle via SQL*Net. The ORASRV process allows
> access to OPS$J user accounts on other system is the username is the
> same.

For what you want to do, it is possible by starting up your orasrv using

    "orasrv opsoff"

Access using OPS$user_account via SQL*Net is the least of your worries. You should be more concerned about remote access using remote SQLDBA

    SQLDBA> Connect internal
    or even
    SQLDBA> shutdown abort

I wont go into details about how this done but to avoid this probable security breach, I suggest that you startup your orasrv using

    "orasrv opsoff dbaoff"

Happy hacking

-- 
 _____       ________ / ____ |Tony Jambu, Database Administrator
  /_  __       /_ __ /       |Colonial Mutual Life Australia. (ACN 004021809)
 /(_)/ ((_/ \_/(///(/_)/_(   |EMAIL:  TJambu_at_cmutual.com.au
 \_______/                   |PHONE:  +61-3-6076448       FAX:  +61-3-6076198