From: Chuck on
When using this parameter in sqlnet.ora, and specifying host names, are
there any checks performed to see if a hostname has been spoofed?
Perhaps comparing the client's IP with a DNS lookup of the host name?
From: ddf on
On Jun 29, 2:01 pm, Chuck <chuckh1958_nos...(a)gmail.com> wrote:
> When using this parameter in sqlnet.ora, and specifying host names, are
> there any checks performed to see if a hostname has been spoofed?
> Perhaps comparing the client's IP with a DNS lookup of the host name?

No. The list is used 'as-is' without any verification via DNS lookup.


David Fitzjarrell
From: Frank van Bortel on
On 06/29/2010 08:39 PM, ddf wrote:
> On Jun 29, 2:01 pm, Chuck<chuckh1958_nos...(a)gmail.com> wrote:
>> When using this parameter in sqlnet.ora, and specifying host names, are
>> there any checks performed to see if a hostname has been spoofed?
>> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> No. The list is used 'as-is' without any verification via DNS lookup.
>
>
> David Fitzjarrell

Not quite, David.

I cannot recall what exactly was the matter,
but I have had one instance where the listener
would not start because one of the clients
mentioned no longer existed.
Not sure if it was a DNS lookup to find the IP-address,
or the reverse (and the IP-address (DHCP!) was no
longer available).

Quite horrible if that's a production system, because
you will have to go through each and every name (in
case of DHCP clients) or IP-address (servers)

--

Regards,

Frank van Bortel
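
The post above reports a listener that would not start once a listed client no longer existed. The following is an added example, not code from any poster in this thread or from Oracle: a pre-flight check that parses the host list and reports names that no longer resolve. It assumes the list is the `tcp.invited_nodes` parameter of `sqlnet.ora` in its parenthesised, comma-separated form; the sample file, host names and addresses are constructed.

```python
import re
import socket

# Constructed sample; host names and addresses are placeholders.
SAMPLE_SQLNET_ORA = """\
# constructed sample sqlnet.ora
tcp.validnode_checking = yes
tcp.invited_nodes = (appsrv1.example.com, 192.0.2.10,
                     dhcp-pc17.example.com, 2001:db8::5)
"""

def invited_nodes(text):
    """Return the entries of tcp.invited_nodes, or [] if the parameter is absent."""
    # Drop comment lines so a commented-out parameter is not picked up.
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("#"))
    m = re.search(r"tcp\.invited_nodes\s*=\s*\(([^)]*)\)", body, re.I)
    if not m:
        return []
    return [e.strip() for e in m.group(1).split(",") if e.strip()]

def is_ip_literal(entry):
    """True if entry is an IPv4 or IPv6 address rather than a host name."""
    for family in (socket.AF_INET, socket.AF_INET6):
        try:
            socket.inet_pton(family, entry)
            return True
        except OSError:
            pass
    return False

def system_resolver(name):
    """Resolve name with the OS resolver; raises socket.gaierror on failure."""
    return sorted({ai[4][0] for ai in socket.getaddrinfo(name, None)})

def preflight(text, resolve=system_resolver):
    """Map each host-name entry to its addresses; None marks a name that no longer resolves."""
    report = {}
    for entry in invited_nodes(text):
        if is_ip_literal(entry):
            continue  # literal addresses need no lookup
        try:
            report[entry] = resolve(entry)
        except OSError:
            report[entry] = None
    return report

if __name__ == "__main__":
    for name, addrs in preflight(SAMPLE_SQLNET_ORA).items():
        print(name, "->", addrs if addrs else "DOES NOT RESOLVE")
```

Running it before a listener restart shows which host-name entries would need attention; the `resolve` argument lets the check be exercised without live DNS.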
From: Mladen Gogala on
On Tue, 29 Jun 2010 21:18:16 +0200, Frank van Bortel wrote:

> On 06/29/2010 08:39 PM, ddf wrote:
>> On Jun 29, 2:01 pm, Chuck<chuckh1958_nos...(a)gmail.com> wrote:
>>> When using this parameter in sqlnet.ora, and specifying host names,
>>> are there any checks performed to see if a hostname has been spoofed?
>>> Perhaps comparing the client's IP with a DNS lookup of the host name?
>>
>> No. The list is used 'as-is' without any verification via DNS lookup.
>>
>>
>> David Fitzjarrell
>
> Not quite, David.
>
> I cannot recall what exactly was the matter, but I have had one instance
> where the listener would not start because one of the clients mentioned
> no longer existed.
> Not sure if it was a DNS lookup to find the IP-address, or the reverse
> (and the IP-address (DHCP!) was no longer available).
>
> Quite horrible if that's a production system, because you will have to
> go through each and every name (in case of DHCP clients) or IP-address
> (servers)

Based on my experience, it's far easier to block the undesired clients by
using the firewall rules than by using validnode checking. This feature
is useless.




--
http://mgogala.byethost5.com
From: ddf on
On Jun 29, 3:18 pm, Frank van Bortel <fbor...(a)home.nl> wrote:
> On 06/29/2010 08:39 PM, ddf wrote:
>
> > On Jun 29, 2:01 pm, Chuck<chuckh1958_nos...(a)gmail.com>  wrote:
> >> When using this parameter in sqlnet.ora, and specifying host names, are
> >> there any checks performed to see if a hostname has been spoofed?
> >> Perhaps comparing the client's IP with a DNS lookup of the host name?
>
> > No. The list is used 'as-is' without any verification via DNS lookup.
>
> > David Fitzjarrell
>
> Not quite, David.
>
> I cannot recall what exactly was the matter,
> but I have had one instance where the listener
> would not start because one of the clients
> mentioned no longer existed.
> Not sure if it was a DNS lookup to find the IP-address,
> or the reverse (and the IP-address (DHCP!) was no
> longer available).
>
> Quite horrible if that's a production system, because
> you will have to go through each and every name (in
> case of DHCP clients) or IP-address (servers)
>
> --
>
> Regards,
>
> Frank van Bortel

That was likely an operating system check on connectivity rather than
Oracle verifying the location. The OP was asking, if I read this
correctly, about spoofed IP addresses, indicating to me that the actual
server still exists but some unscrupulous malcontent is attempting to
connect via a spoofed IP. I doubt Oracle would catch such an
occurrence, happily allowing the spoofed access to the server.


David Fitzjarrell