Oracle安全管理-tcp.invited_nodes白名单配置

tcp.invited_nodes白名单配置

tcp.validnode_checking=yes
sqlnet.encryption
SQLNET.EXPIRE_TIME=10
tcp.invited_nodes=(10.2.20.25,10.2.60.20,10.2.60.0/24,10.2.200.0/22)  --一定要写自己主机的IP地址啊@!!!!!!!!!!!
sqlnet.inbound_connect_timeout=30


使用10.2.248.x网段进行连接主机数据库如下:

bash-3.2$ sqlplus system/cmcc#2019@eoms39               

SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 9 15:19:54 2020

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-12537: TNS:connection closed


在sqlnet.ora中添加如下开放限制
tcp.invited_nodes=(10.2.201.25,10.2.60.208,10.2.60.0/24,10.2.200.0/22,10.2.248.0/24)

 

重启监听

lsnrctl stop

lsnrctl start

 

重试连接
bash-3.2$ sqlplus system/cc#2019@eo39

SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 9 15:21:14 2020

Copyright (c) 1982, 2013, Oracle.  All rights reserved.

ERROR:
ORA-28002: the password will expire within 7 days

Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> 

你可能感兴趣的:(ORACLE数据库审计-安全)