| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: question:dbconsole security in 10g
emdproduction_at_hotmail.com wrote:
> Group,
>
> I just installed Oracle 10.0.2 on my linux box and enabled the EM
> console. I really like it. ( I am not using Grid control).
>
> But it seems to me that any body who has a IE can access the database
> if the password is compromised. That is a serious security hole, is
> it?
I don't think so. Anyone with Oracle client installed on their workstation can access the database too, provided that they know a valid userid and password. Make sure your passwords are strong enough to withstand simple decryption techniques and you'll be fine.
> Can I somehow restrict, say, only certain IP address can access the db
> control?
>
> Could somebody point me to an document ?
Look in http://tahiti.oracle.com for a document called Net Services Reference. In that doc, you will find the parameters for your sqlnet.ora configuration file. The parameter you are looking for is called SQLNET.INVITED_NODES. This lets you define the IP addresses of those that are allowed to connect to your database server.
HTH,
Brian
-- =================================================================== Brian Peasland dba_at_nospam.peasland.net http://www.peasland.net Remove the "nospam." from the email address to email me. "I can give it to you cheap, quick, and good. Now pick two out of the three" - UnknownReceived on Tue Jan 09 2007 - 11:06:05 CST
 |
 |