From: Charles Clancy (securityxauth.net)
Date: Wed Oct 24 2001 - 13:40:58 CDT

    > One such example is providing a secure tunnel for port 1521 on the remote
    > box, without any other access to the machine at all. I can provide the
    > username/password into the chrooted environment thereby allowing the
    > tunnelled connection to be created.

    > This is the quick and dirty way I've handled this, but if someone has a
    > better way, I'd love to hear about it.

    Why not just use stunnel?

    Run stunnel on port X of your oracle server and wrap it to port 1521,
    effectively creating an SSL Oracle listener service. I'm pretty sure the
    8.1.7 client directly supports this, but if not:

    Run stunnel on port Y on a remote machine, tunneling to port X on the
    oracle server. Plain-text connections to Y on the remote machine are
    SSL-tunneled to port X on the oracle server, which is then decrypted and
    wrapped to port 1521 on the Oracle server.

    stunnel: http://stunnel.mirt.net/ (official)
             http://www.stunnel.org/ (unofficial but more helpful)

    specific example: http://www.stunnel.org/examples/generic_tunnel.html

    --
    t. charles clancy <> tclancyuiuc.edu <> www.uiuc.edu/~tclancy
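
The two-hop setup described in the message above, written as current stunnel configuration-file syntax; this is an added example, not part of the original post. The port numbers standing in for X and Y, the host name `oracle.example.internal` and all file paths are constructed placeholders, and the Oracle listener is assumed to be reachable on the server's loopback address.

```ini
; ---- On the Oracle server (file path is an assumption) ----
; /etc/stunnel/oracle-server.conf
; "Port X" from the message is 11521 here (constructed value).
; TLS connections arriving on X are decrypted and handed to the
; local Oracle listener on 1521.
[oracle-tls-listener]
accept  = 11521
connect = 127.0.0.1:1521
cert    = /etc/stunnel/oracle-server.pem
key     = /etc/stunnel/oracle-server.key

; ---- On the remote machine (file path is an assumption) ----
; /etc/stunnel/oracle-client.conf
; "Port Y" from the message is 1522 here (constructed value).
; Plain-text connections to Y are wrapped in TLS and sent to X.
[oracle-tls-client]
client  = yes
; Bind Y to loopback so only local processes can use the
; plain-text side of the tunnel.
accept  = 127.0.0.1:1522
connect = oracle.example.internal:11521
; Verify the server certificate and its host name. Without these
; two checks the client accepts any certificate, and the tunnel
; gives encryption but no assurance about who is on the other end.
CAfile      = /etc/stunnel/ca.pem
verifyChain = yes
checkHost   = oracle.example.internal
```

Oracle clients on the remote machine then connect to 127.0.0.1:1522 instead of the server's port 1521. The tunnel protects the traffic only if port 1521 itself is not reachable from the network, for example by filtering it so that only port X is exposed.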