Solved

DBA_DB_LINKS  internal or external

Posted on 2014-02-11
7
341 Views
Last Modified: 2014-02-11
if our database has an entry to another database in DBA_DB_LINKS , does that mean an account in our database can access this remote database (i.e. extract data from or insert data into), or that this remote database can access/insert data into our database?
0
Comment
Question by:pma111
  • 4
  • 3
7 Comments
 
LVL 34

Accepted Solution

by:
johnsone earned 500 total points
ID: 39849896
If it is in the local database that means you can connect to the remote database.  In order for the remote database to connect to your local database, that database needs a link too.

As far as what you can do in the database that is the object of the link, that is controlled by standard privileges of the user you are connecting to in the remote database.
0
 
LVL 3

Author Comment

by:pma111
ID: 39849934
is there anyway to determine which remote databases are connecting to your database? i.e. extracting from or inserting into your database, from their own database? and under what account the connection is made?
0
 
LVL 34

Expert Comment

by:johnsone
ID: 39849973
The account information is stored as part of the link.  That should be in DBA_DB_LINKS.  As far as what they are doing, I believe the only way to determine that is by turning on auditing.  To the database that is being connected to, it looks just like any other connection.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 3

Author Comment

by:pma111
ID: 39850066
im a little lost (happens easily), but in dba_db_links I should see both inbound and outbound links,

i.e. our db has access to remote database XYZ
and vice versa,
i..e external DB can access our DB using account XYZ

does this view contain credentials as well, i.e. if our db can access external db, persumably there is a password involved (for an account in their db), so where is that stored?
0
 
LVL 34

Expert Comment

by:johnsone
ID: 39850153
DBA_DB_LINKS is outbound links only.  There are no inbound links in DBA_DB_LINKS.  Really a database link is just a holder for a connection string that tells Oracle how to get to the database on the other side of the link.  There is no need for inbound links, they just come through as a normal connection.

If you look at the HOST and USER columns in DBA_DB_LINKS, that is the connect information for the outbound link.  HOST refers to the tnsnames entry that points to the database and USER is the user that is connected to.

In your example, external DB can access our DB using account XYZ, the database link for this would be in the external database and there is no link in the local database to support this.  Access is controlled through the XYZ account that is in the local database.  The link has the same privileges as the user XYZ in the local database.  If there is no link in the external database, then there cannot be a connection made through a link to the local database.
0
 
LVL 3

Author Comment

by:pma111
ID: 39850165
ok thanks, but theres no obvious way within your database to determine which external databases are accessing your database (i.e. updating, extracting or inserting) via a link?
0
 
LVL 34

Expert Comment

by:johnsone
ID: 39850356
If a database link was still open, you could identify the session in V$SESSION by looking at the MACHINE column.  But there is no way to distinguish a link for a standard session that I know of.  As for what the session is doing, some form of auditing would be the only way that you could find that out.

Again, what can be done through the link is controlled by the privileges of the user that is being connected to.  If they are connecting to XYZ user and that user doesn't have privileges to update, then you cannot update over the link.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Subquery in Oracle: Sub queries are one of advance queries in oracle. Types of advance queries: •      Sub Queries •      Hierarchical Queries •      Set Operators Sub queries are know as the query called from another query or another subquery. It can …
Working with Network Access Control Lists in Oracle 11g (part 2) Part 1: http://www.e-e.com/A_8429.html Previously, I introduced the basics of network ACL's including how to create, delete and modify entries to allow and deny access.  For many…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
This video shows how to recover a database from a user managed backup

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now