TruTek

Moving up and away from the database server, the TNS (variously known as SQL*Net, Net8 or Oracle Net) layer of software provides both access to the database and security. This is the edge of the database, the gatekeeper if you will. As a separate service from the database itself, TNS has its own separate authorization and authentication for configuration and control. In my own informal polling, I would estimate that only a very small number of database administrators utilize any of the safeguards surrounding TNS configuration and control, and even fewer utilize the features of the Advanced Security Option, such as:

- Database authentication from external services (i.e., LDAP, Kerberos, etc.)

- Data protection using encryption (i.e., DES, 3DES)

- Data integrity-checking and validation using check-summing (i.e., MD5)

This article will not address the Advanced Security Option and these features. These features pertain to clearly identified security concerns and are nontrivial in their deployment, maintenance, and troubleshooting.

Rather, we will simply concentrate on the more mundane TNS issues:

- Authentication as a TNS administrator

- Authorization to perform startup, shutdown, display options and change configuration of TNS services

By default, TNS is wide open; allowing anybody with the TNS control programs the ability to do whatever he or she pleases.

When asked to "Select a payment method" for your free download, choose "Print and Call". Your download code will be e-mailed to you after we authorize it. International customers should enter TruTek's address as the shipping address and enter their real shipping address in the Special Instructions field on the payment screen.