FW-1 may be configured to used either Client or Session authentication
for services other than ftp, telnet, rlogin, and http.
With client authentication, you effectively authenticate all users on
a host to be able to use the services you specify, including SQLnet.
With Session authentication, you enable a user on any machine to begin the
authentication process just by starting the client process used to access
the Oracle database. FireWall-1 3.0 supplies a session authentication agent
that I have tried with telnet and finger, and it works well in a very simple
lab setup.
The Session Authentication agent can be found in the AGENTS subdirectory of
the platform directories on the 3.0 CD
--- jerald
jj>X-Sender: palan @
202 .
190 .
59 .
4
jj>Date: Mon, 11 Aug 1997 17:53:06 +0800
jj>To: firewalls @
greatcircle .
com
jj>From: ö PaLaN ö <palan @
dataprep .
com .
my>
jj>Subject: Oracle Authentication on FW-1
jj>Mime-Version: 1.0
jj>Content-Transfer-Encoding: quoted-printable
jj>
jj>Folks,
jj>
jj>Does FW-1 has the capability to authenticate Oracle clients before they
jj>actually allowed to access the server, just like the Telnet/FTP
jj>authentication ?? I know the client uses TCP1526 port to access the server
jj>but I need to come out with authentication before they can proceed....can
jj>anybody advice me on this or is there any work around for this ??
jj>
jj>Thanks,
jj>ö PaLaN ö
jj>
jj>Security Analyst
jj>West Malaysia.
jj>_______________________________________________
jj>"Here is my key ... lets exchange packets now."
jj>
/\ Jerald E. Josephs
\\ \ Course Developer - Network Security
\ \\ / Sun Educational Services
/ \/ / /
/ / \//\
\//\ / /
/ / /\ /
/ \\ \ Phone/VM: 408-276-0941
\ \\ FAX: 408-276-1565
\/ E-mail: jerald .
josephs @
EBay .
Sun .
COM
|
|
