| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Firewalling Oracle
comments inline:
On 1/12/06, jo_holvoet_at_amis.com wrote:
>
>
> Jared,
>
> we had to implement this for our auditors on our SAP production instance
> (because we couldn't turn remote_os_authent off). We are using invited
> nodes, BTW.
Can you say why remote_os_authent must remain enabled?
A couple of caveats spring to mind :
>
> 1) The first time we implemented it was on 8.1.7. The listener takes the
> list of nodes and looks up the IP. If any of the nodes were not
> resolvable,
> it basically let EVERY node connect again. Not exactly what you would
> expect.
>
> 2) We're now on 9.2.0.6 and the behaviour is now the opposite : if any of
> the node names are not resolvable, NOBODY connects. Better that 1), but
> ..
> Anyway, since this seems to change quite a bit between versions, you may
> want to do a teeny bit of testing :)
>
>
Thanks for the warning. There's always something to watch out for.
-- Jared Still Certifiable Oracle DBA and Part Time Perl EvangelistReceived on Thu Jan 12 2006 - 16:07:50 CST
 |
 |