«  
  »

Will Goldengate use Remote Procedure Call (RPC)?

作者: Maclean Liu , post on December 23rd, 2010 , English Version
【本站文章除注明转载外,均为本站原创编译】
转载请注明:文章转载自: Oracle Clinic – Maclean Liu的个人技术博客 [http://www.oracledatabase12g.com/]
本文标题: Will Goldengate use Remote Procedure Call (RPC)?
本文永久地址: http://www.oracledatabase12g.com/archives/will-goldengate-use-remote-procedure-call-rpc.html

Question:
My Customer using Oracle GoldenGate to sync data from 11.2.0.1 RAC (on Solaris 10 SPRAc 64bit) to 9.2.0.8 standalone DB (On solaris Sparc 64bit). My customer recently doing an OS security scan check for node of 11.2.0.1 RAC. The security scan check result saying the RAC node (HK8SP226) has a potential security issue on “rpcstatd: RPC statd remote file creation and removal”. My customer suspect that Goldengate is using RPC for file transfer. Would you please help to check if goldengate need to use RPC or not? if goldengate dont need to use RPC, then i will ask my csutomer to close this function in server

Supplementory information for security check result.

———————————————————————-

hk8sp226 {172.20.104.178} Solaris
H
rpcstatd: RPC statd remote file creation and removal
Remote Procedure Call (RPC) statd maintains state information in cooperation with RPC lockd to provide crash and recovery
functionality for file locking across the Network File System (NFS). Statd does not validate information received from a remote lockd.
By sending to the statd service an RCP or RDIST request including references to the parent directory (“..\”), an attacker can provide
false information to the rpc.statd file, allowing the creation of a file in an arbitrary directory on the host. This can be used to overwrite
pre-existing files or create new files on the host.

Answer:
Oracle GoldenGate transfers trail files over TCP/IP to the remote host which internally uses RPC for transferring the data to remote. You could let customer know about it and could exclude it from hardening.

© 2010, www.oracledatabase12g.com. 版权所有.文章允许转载,但必须以链接方式注明源地址,否则追究法律责任.

相关文章 | Related posts:

  1. Introduction to Oracle GoldenGate And GG Official Price
  2. 使用Oracle GoldenGate 11g实现零停机升级和迁移
  3. Real-Time Business Intelligence using Oracle GoldenGate
  4. Oracle GoldenGate: Disaster Recovery Solution
  5. How to create a GoldenGate uni-directional target database in a production database zero downtime
  6. Oracle GoldenGate:Real-time Access To Real-time Information
  7. Using Oracle GoldenGate for Siebel Zero Downtime Upgrades
  8. Introduction to Oracle GoldenGate: An Introduction to High Availability Solutions & Real-Time Data Integration
  9. GoldenGate Build for Oracle 8i
  10. How to understand goldengate report file statistics
GoldenGate, Oracle   , ,  
«  
  »

Leave a Reply

  

  

  

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

«  
  »