Great Circle Associates Firewalls
(June 1997) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: SQLNet proxy that checks userid's?
From: "Eric V. Smith" <EricSmith @ windsor . com>
Date: Mon, 23 Jun 1997 14:15:00 -0400 (EDT)
To: firewalls @ GreatCircle . COM
Reply-to: EricSmith @ windsor . com 
Does anyone know of an Oracle SQLNet proxy that will allow or deny
a connection based on the Oracle userid?

I have a client with a web server on a DMZ.  They want to allow 
connections from it to an internal Oracle database, but they want
to ensure that only a read-only userid is used.  If a connection
tries to use any other userid, I want to disallow (and log, obviously)
the attempt.

I've checked Gauntlet (the only one for which I could find information)
and they allow/deny based on src IP, dest IP and port, and Oracle SID.
I'd like to add the Oracle userid.  I don't care how graceful it is,
I'd just like to shutdown the connection if I detect anything other
than an allowed userid being used.

Alternatively, does anyone know a _public_ source that contains
enough information to write such a SQLNet proxy myself?

TIA.

Eric.

-- 
Eric V. Smith           | For opinion in good men is but knowledge 
EricSmith @
 windsor .
 com   |     in the making.
Windsor Software Corp   +----------------------------------+ John Milton
http://www.windsor.com/   Windows NT, Unix, SQL Server     |  1608-74
Indexed By Date Previous: Re: Is six weeks long enough to become a security expert
From: "Steven Johnson (BUS)" <johnson @ bayflash . stpt . usf . edu>
Next: Re: Class B Address
From: "David Harvey-George" <david @ threewiz . demon . co . uk>
Indexed By Thread Previous: Not read: Firewalls-Digest V6 #289
From: "McAndrew Robert" <McAndrewR @ bah . com>
Next: EC
From: David Murray <David . Murray @ camtech . com . au>
Google
 
Search Internet Search www.greatcircle.com