Re: Restriction on sqlplus access

"Jerry" <JerryB_at_hotmail.com> wrote in message news:<zhRba.205141$na.8035421_at_news2.calgary.shaw.ca>...
> hi,
>
> any way to prevent user to connect to oracle via sqlplus?
>
> the table product_user_profile seems to only disable some commands within
> sqlplus, but I want to set restriction on log in.

as a matter of fact, I was reading some code in Geoff Ingram's "High Performance Oracle" book on the train ride home this evening.

a logon trigger and a targeted drop table combined with auditing provided quite an elegant solution to blocking (and logging) attempted sessions by sqlplus and MS access. I believe that he recommended sending a message via dbms_alert to a session that is just there to kill sessions. You have to admit, its pretty funny to have a logon trigger send a message that says "kill session", sid, serial# to a session killer listening for such alerts.

I'd say that the addition an email notification to the site security officer would be a nice touch, but that is getting into BOFH land ...

Further bonus points would be to add the ip_address of the perpetrator to the protocol.ora (sqlnet.ora in 9i) to the list of excluded_nodes.

I haven't read enough chapters yet to recommend the book, (on chap 6) but so far its been a very good read.

Paul Received on Thu Mar 13 2003 - 23:48:45 CST