Re: need better security with SQL*Net and ORASRV
Date: Sat, 31 Oct 1992 12:10:32 GMT
Message-ID: <1992Oct31.121032.26479_at_cmutual.com.au>
In article <1992Oct29.181750.1_at_bbs.mdcbbs.com>, you write:
> I have a system running Oracle that has an ORASRV process running.
> My users that have local accounts also have OPS$ accounts so they
> can get automatic logins.
>
> My problem is with the ORASRV process running I cannot prevent (at
> least so far) ANY user from ANY other system running Oracle from gaining
> access to MY system's Oracle via SQL*Net. The ORASRV process allows
> access to OPS$J user accounts on other system is the username is the
> same.
For what you want to do, it is possible by starting up your orasrv using
"orasrv opsoff"
Access using OPS$user_account via SQL*Net is the least of your worries. You should be more concerned about remote access using remote SQLDBA
SQLDBA> Connect internal
or even
SQLDBA> shutdown abort
I wont go into details about how this done but to avoid this probable security breach, I suggest that you startup your orasrv using
"orasrv opsoff dbaoff"
Happy hacking
-- _____ ________ / ____ |Tony Jambu, Database Administrator /_ __ /_ __ / |Colonial Mutual Life Australia. (ACN 004021809) /(_)/ ((_/ \_/(///(/_)/_( |EMAIL: TJambu_at_cmutual.com.au \_______/ |PHONE: +61-3-6076448 FAX: +61-3-6076198Received on Sat Oct 31 1992 - 13:10:32 CET