Ideas on how to restrict non-prod servers from connecting to prod sql servers

We ran into an issue this week and I’m looking for some ideas on approaches we might be able to use. While troubleshooting a P1 issue, we noticed Non-Production application servers connecting to the Production backend SQL Server using a Production account.
The matter of how they obtained the PROD password is a security issue and we are already working that endeavor separately but my question is what (if anything) are other people using to identify and more importantly restrict connections on their Production SQL Servers from non-production servers?
A colleague has already mentioned the possibility of creating a Classifier Function and using Resource Governor to identify hostname and if they begin with “DEV…” or “TEST…” they are not allowed in. Anyone have any other ideas???
Thanks in advance
Andre Porter

If hostname is your criteria then I don't see any reason why a logon trigger wouldn't work...

Beware that the hostname can be set in the connection string, so this is not safe.
Despite what Javier said, it is possible to use the IP address, as it is available in sys.dm_exec_connections and cannot be spoofed. But there are a couple of things to keep in mind. The trigger needs extra permissions as plain users do not have access to sys.dm_exec_connections. You also need to consider local connections and possibly also connections over named pipes or VIA.
The best and most robust solution is to put test and production servers in different network segments, and then prevent access between the segments.
Erland Sommarskog, SQL Server MVP
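
The IP-based logon trigger described in the reply above could look like the following T-SQL. This is an added example, not code from the thread; the login logon_guard, the table nonprod_ranges, the trigger name and the address ranges are hypothetical, constructed values.

```sql
USE master;
GO
-- Hypothetical low-privilege login that the trigger impersonates, so that
-- ordinary logins do not need access to sys.dm_exec_connections.
CREATE LOGIN logon_guard WITH PASSWORD = N'<replace-with-strong-password>';
GRANT VIEW SERVER STATE TO logon_guard;
CREATE USER logon_guard FOR LOGIN logon_guard;
GO
-- Constructed sample ranges for the DEV/TEST segments, stored as LIKE patterns.
CREATE TABLE dbo.nonprod_ranges (pattern varchar(48) NOT NULL PRIMARY KEY);
INSERT INTO dbo.nonprod_ranges (pattern) VALUES ('10.20.%'), ('10.30.5.%');
GRANT SELECT ON dbo.nonprod_ranges TO logon_guard;
GO
CREATE TRIGGER trg_block_nonprod ON ALL SERVER
WITH EXECUTE AS 'logon_guard'
FOR LOGON
AS
BEGIN
    DECLARE @addr varchar(48);

    -- Address of the connection being established, as seen by the server
    -- (not the client-supplied hostname, which the connection string can set).
    SELECT @addr = client_net_address
    FROM sys.dm_exec_connections
    WHERE session_id = @@SPID;

    -- Shared-memory connections report '<local machine>' and named pipes
    -- '<named pipe>' instead of an IP address, so they match no pattern and
    -- are let through. Tighten this if named pipes are reachable from the
    -- non-production segment.
    IF EXISTS (SELECT 1 FROM master.dbo.nonprod_ranges WHERE @addr LIKE pattern)
        ROLLBACK;  -- rejects the login ("logon failed ... due to trigger execution")
END;
GO
-- Recovery: if the trigger ever blocks everyone, a sysadmin can connect over
-- the dedicated administrator connection and run:
-- DROP TRIGGER trg_block_nonprod ON ALL SERVER;
```

The trigger is a second line of defence on the server itself; the network segmentation recommended in the reply still decides which hosts can reach the listener at all.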

Similar Messages

  • How to restrict non root users from changing proxy settings Ubuntu 12.04?

    I have two Ubuntu 12.04 Desktops with Ncomputing vSpace software configured for remote terminal users of Ncomputing L300 thin clients. Both these desktops have Squid configured and connected to internet. So in a way users logging in to these machines can directly access internet without squid. Now users can remove the proxy and have unrestricted access anytime. Which is the reason I want to enforce proxy on users settings which they cannot change. I am fine if the settings makes it mandatory for root or sudo user of Ubuntu. Is this possible ?

    Use a mozilla.cfg file in the Firefox program folder to lock prefs or specify new (default) values.
    Place a local-settings.js file in the defaults\pref folder where also the channel-prefs.js file is located to specify using mozilla.cfg.
    pref("general.config.filename", "mozilla.cfg");
    These functions can be used in the mozilla.cfg file:
    defaultPref(); // set new default value
    pref(); // set pref, but allow changes in current session
    lockPref(); // lock pref, disallow changes
    See:
    *http://kb.mozillazine.org/Locking_preferences
    *http://mike.kaply.com/2012/03/16/customizing-firefox-autoconfig-files/
    *http://mike.kaply.com/2014/01/08/can-firefox-do-this/

  • How to restrict the user(Schema) from deleting the data from a table

    Hi All,
    I have scenario here.
    I want to know how to restrict a user(Schema) from deleting the values from a table created in the same schema.
    Below is the example.
    I have created a table employee in abc schema which has two values.
    EMPLOYEE
    ABC
    XYZ
    In the above scenario the abc user can only fire select query on the EMPLOYEE table.
    SELECT * FROM EMPLOYEE;
    He should not be able to use any other DML commands on that table.
    If he uses then Insufficient privileges error should be thrown.
    Can anyone please help me out on this.

    Hi,
    kumar0828 wrote:
    Hi Frank,
    Thanks for the reply.
    Can you please elaborate on how to add policies for a table for just firing a select DML statement on table.
    See the SQL Packages and Types manual first. It has examples. You can also search the web for examples. This is sometimes called "Virtual Private Database" or VPD.
    If you have problems, post a specific question here. Include CREATE TABLE and INSERT statements to create a table as it exists before the policies go into effect, the PL/SQL code to create the policies, and additional DML statements that will be affected by the policies. Show what the table should contain after each of those DML statements.
    Always say which version of Oracle you're using. Confirm that you have Enterprise Edition.
    See the forum FAQ {message:id=9360002}
    The basic idea behind row-level security is that it generates a string that is automatically added to SELECT and/or DML statement WHERE clauses. For example, if user ABC is only allowed to query a table on Sunday, then you might write a function that returns the string
    USER  != 'ABC'
    OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'
    So whenever any user says
    SELECT  *
    FROM    table_x
    ;
    what actually runs is:
    SELECT  *
    FROM    table_x
    WHERE   USER  != 'ABC'
    OR      TO_CHAR (SYSDATE, 'DY', 'NLS_DATE_LANGUAGE=ENGLISH') = 'SUN'
    ;
    If you want to prevent any user from deleting rows, then the policy function can return just this string
    0 = 1
    Then, if someone says
    DELETE  employee
    ;
    what actually gets run is
    DELETE  employee
    WHERE   0 = 1
    ;
    No error will be raised, but no rows will be deleted.
    Once again, it would be simpler, more efficient, more robust and easier to maintain if you just created the table in a different schema, and not give DELETE privileges.
    Edited by: Frank Kulash on Nov 2, 2012 10:26 AM
    I just saw the previous response, which makes some additional good points (e.g., a user can always TRUNCATE his own tables). Also, if user ABC applies a security policy to the table, then user ABC can also remove the policy, so if you really want to prevent user ABC from deleting rows, no matter how hard the user tries, then you need to create the policies in a different schema. If you're creating things in a different schema, then you might as well create the table in a different schema.
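
    The policy mechanism described in the reply above, written out as an added example that is not part of the original post. SEC_ADMIN is a hypothetical schema that owns the policy function (so that user ABC cannot remove it), and the function and policy names are likewise made up; ABC.EMPLOYEE is the table from the question.

    ```sql
    -- Run as SEC_ADMIN (hypothetical), which needs EXECUTE on DBMS_RLS.

    -- Policy function: Oracle calls it with the schema and object name and
    -- appends the returned string to the statement's WHERE clause.
    CREATE OR REPLACE FUNCTION sec_admin.employee_no_delete (
        p_schema IN VARCHAR2,
        p_object IN VARCHAR2
    ) RETURN VARCHAR2
    IS
    BEGIN
        RETURN '0 = 1';   -- no row ever qualifies
    END employee_no_delete;
    /

    -- Attach the function to ABC.EMPLOYEE for DELETE statements only.
    BEGIN
        DBMS_RLS.ADD_POLICY (
            object_schema   => 'ABC',
            object_name     => 'EMPLOYEE',
            policy_name     => 'EMPLOYEE_NO_DELETE',
            function_schema => 'SEC_ADMIN',
            policy_function => 'EMPLOYEE_NO_DELETE',
            statement_types => 'DELETE'
        );
    END;
    /

    -- Connected as ABC, the statement below now deletes 0 rows and raises no error:
    -- DELETE employee;
    -- TRUNCATE is DDL and is not filtered by the policy, which is the caveat
    -- raised in the reply about a user truncating his own tables.
    ```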

  • Any ideas on how to remove a small scratch from the screen or whether it is covered by apple?

    Any ideas on how to remove a small scratch from the screen or whether it is covered by apple?

    Call Apple Care and ask them if your computer is still under warranty. 

  • How to run non-customised report from command prompt to gen trace file?

    Hi
    how to run non-customised report from command prompt to gen trace file?
    EBS R12 RUP6.
    RHEL5
    rgrds

    Hi,
    See (Note: 285497.1 - Rwrun.sh Does Not Generate Trace Output Using TRACEOPTS in Command Line) and/or (Note: 737445.1 - R12 Concurrent Requests Run Forever; rwrun Errors REP-50125) for the command you need to use.
    Thanks,
    Hussein

  • HT4199 how do I stop my mac from connecting to a non-secure network in my area instead of my preferred network.

    How do I stop my mac from connecting to a non-secure network in my area instead of my preferred secure network

    Linc's answer is correct but I know it does not always work.
    If security is critical use a wired ethernet connection preferably with a fixed IP and the router's DHCP server turned off.

  • OSX 10.8 server Set VPN server in Local net, How to restrict the Local some IP connect to the VPN server?(noob,so need clearly)

    The title is my question. I am a noob, so I hope I can make my question clear. Now I'd like to tell you more about my question:
    My aim is to set up a VPN server in the local LAN, so that people can connect to the VPN server. But I don't want all of the local LAN IPs to connect to it. So I need to set a rule to restrict some local IPs so that they fail to connect, just like banning some IPs in a rule. For example: only IPs in "192.168.4.3~192.168.4.20 ; 192.168.7.3~192.168.7.20" can connect; the IPs outside the rule cannot.
    My steps are the following:
    1) Install the Server app.
    2) Then I set up a VPN server; finally the VPN server can be connected to successfully by local LAN computers (PC or Mac).
    3) But I found no IP restriction function in the Server app panel.
    4) Then I downloaded Workgroup Manager, and found nothing there about such an IP restriction function.
    So can you tell me how to approach my aim?
    Please tell me in clear detail, I am a noob.
    Thank you

    Won't the password restrict everyone from connecting unless they know the password?
    I have never worked with a VPN server, so I can't really add any suggestions. Below are links to Apple support articles, but I'm not sure they will help you:
    VPN - Set up Connection
    VPN - Advanced Setup 
    VPN - Connect
    VPN - Connect Automatically

  • How to restrict a schema owner from granting privileges to other users.

    How can we restrict a schema owner from granting privileges to other users on his objects (e.g. tables)? Let's say we have a user called XYZ and he has tables in his schema TAB1, TAB2 and TAB3. How can we restrict user XYZ from granting privileges on TAB1, TAB2 and TAB3 to other users in the database? Is it possible in Oracle 10g R2? Any indirect or direct way to achieve this? Please help on this.
    Thanks,
    Manohar

    Whenever someone is trying to prevent an object owner from doing something, that's generally a sign of a deeper problem. In a production database, the object owner shouldn't generally have CREATE SESSION privileges, so the user shouldn't be able to log in, which would prevent the user from issuing any grants.
    As a general rule, you cannot stop an object owner from granting privileges on the objects it owns. You can work around this by creating a database-level DDL trigger that throws an exception if the user issuing the statement is XYZ and the DDL is a GRANT. But long term, you probably want to get to the root of the problem.
    Justin
    Edited by: Justin Cave on Nov 6, 2008 9:52 PM
    Enrique beat me to it.

  • OIM 11g-How to restrict the role administrator from seeing "other" roles

    Dear All,
    How to restrict Administrator from seeing roles he is not supposed to administer?
    My administrator is supposed to assign only Role A. When he logs in he can see every single role. How to correct it so that he can see only Role A?
    Thank you for your time
    Maria

    Modify "All User Role Management Policy"

  • How to make none root user to connect to TCP Port  (web ports)

    how to make none root user (any user)
    to connect to TCP Port 80 or port 81 or any port less than 1024
    cause i have web server i want to run and stop service with none root user and on port 80 and port 81
    can you help me and give me steps

    I believe Solaris 9 also has RBAC control. If so then all you need to do is present the uid with the PRIV_NET_PRIVADDR privilege. See the privileges(5) manpage for more information on the subject.
    This privilege will allow the userid to bind to ports < 1024. You can give a user this privilege either by using usermod (you will probably need the auth_attr(4) manpage as well) after which you need to login again. Or you can try using ppriv to modify the privileges on the user's shell.

  • How to restrict number of hits from a browser, within a specific interval.

    Hi,
    we have a web app in which user clicks on a specific submit continuously. This fills up the server threads and other users trying to login either get a timeout or page not found. my questions ---
    1. Is there a way to configure weblogic to timeout the httprequest and also the underlying thread which is doing the work.
    2. Is there a way to restrict number of requests from a client within a specific interval..
    thanks in advance..

    Hello Benita
    Set the dialog type of your search help = 'A' (dialog depends on set of values).
    Regards
      Uwe

  • How do I stop my iPhone from connecting to the WiFi connection that my laptop just used?

    I have an iPhone (7.1.2) and MacBook Pro (10.9.4). When I connect to a WiFi connection on my laptop, my iPhone always connects to the same network, even though I've explicitly told my iPhone to forget about specific networks. This issue ends up disabling the internet on my iPhone, as I often connect to networks on my laptop that require VPN connections, logins, etc that I am unable or unwilling to do on my iPhone. How do I keep the two separate?

    Let me give you an example. I'm at a United lounge at O'Hare Airport right now. They have WiFi here but it requires that you log on in order to connect to the internet. I connect to WiFi from my laptop. All good. Then, immediately, my iPhone connects to the same network. But because I haven't logged on from my iPhone, I can't get online. This kills the internet on my iPhone because I'm connected to a network with no internet access. If on my iPhone I "Forget this Network" and then come back next week, I'll find that it connects to the exact same network.
    I travel a lot and almost all of the networks I use on a daily basis require a login of some sort.
    I could turn off WiFi but then I have to remember to turn it on when I actually do want to connect to a network, like when I'm at home.
    Any idea how to prevent the mirroring of WiFi connections? Or at a minimum make sure the "Forget this Network" option actually works?

  • How to retrieve the blob data from a table using sql query

    Hi gurus,
    I have a table which has "BLOB" content in a column. I want to view the data from the BLOB column using a SQL query. It would be helpful if someone shares their idea.
    Regards,
    vardhani.

    You can use data templates.
    See this: http://blogs.oracle.com/xmlpublisher/entry/blob_clob_raw_and_looooong
    http://blogs.oracle.com/xmlpublisher/entry/inserting_blobs_into_your_repo
    Thanks,
    Bipuser

  • How can I restrict non-administrator user from opening Firefox in "safe mode"?

    I want to have parental control on the computer. I have added 'ProConn Latte' to Firefox which serves that purpose but my teenager figured out that he can simply open Firefox in "safe mode" (an option under the START menu) and bypass the control. I have already added administrator password security to MSWindows so that he can not work around his limited user settings but the Firefox loophole still remains.

    Another option you may consider exploring:
    The Safe Mode feature can also be disabled by modifying Firefox files; that is explained in the answer to "How to *permanently* disable Firefox Safe Mode option?" (https://support.mozilla.com/en-US/questions/664785#answer-128337).
    Remember to password protect all admin accounts, including the normally hidden System Administrator account (which probably has no password set by default), but make sure you have those passwords secure somewhere, &/or have a password reset floppy.
    A determined & knowledgeable teenager will get past most things you attempt to do, especially if you are not actually watching the computer use; maybe even running a different OS from a CD. Quite possibly the teenager has unrestricted access to the internet elsewhere anyway.

  • How to print non XFA pdf from LC

    Hi,
    I am aware that this is not necessarily a LC Output question, but could not find a better place for it.
    I cannot find a service in LC ES2 that can print a normal (non XFA) pdf to a printer – can this be true?? If it is an XFA form, we can use the generatePrintedOutput and create PCL or PS depending on the target printer. But how would you do it with a flat pdf with watermark or a word document converted to pdf on LC??
    Must be a lot of clever people having solved this issue out there, bring it on
    Thanks,
    Thomas Groenbaek
    Jyske Bank, Denmark

    I know, but I do not want to send the pdf directly - want to convert it to ps or pcl.
    If the pdf is a XFA i can use the generatePrintedOutput and works fine. But in this case it is a "flat"/non xfa and I want LC to be able to convert it to a printer language format to print it. How is this done in the best way?
    I see a toPS from convertToPdf service, is that handy?
    Is xdc files the way?
    good input and best practices is appreciated
    Thanks,
    Thomas
