Controlling client connections using the TCP.VALIDNODE_CHECKING listener parameter
The usage of the valid node checking security feature is very similar to the TCP wrappers presented in Chapter 1, Operating System Security. Using this capability, you can deny or the allow connecting clients based on IP address or hostname.
Getting ready
All steps will be performed on nodeorcl1
.
How to do it...
- Open
$ORACLE_HOME/network/admin/sqlnet.ora
and enable valid node checking by settingTCP.VALIDNODE_CKECINK
as follows:TCP.VALIDNODE_CHECKING=ON
- Next, you can establish the hosts that will be allowed to connect by setting the
TCP.INVITED_NODES
parameter as follows:TCP.INVITED_NODES= {nodeorcl5}
- After you add the invited nodes you must reload the listener ...
Get Oracle 11g Anti-hacker's Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.