You can control which clients can access your database through the parameter TCP.VALIDNODE_CHECKING.
To configure this feature, follow these steps:
In the $ORACLE_HOME/network/admin/sqlnet.ora file, add the parameter
If you are in a Unix environment, you can use the ‘vi’ editor to add the previous line.
Then, either specify the nodes you want to allow OR the nodes that are NOT allowed (excluded):
*** Here machineA is the only machine allowed to access the database.
** Here machineB is denied access to the database.
You can use both lines at the same time, but TCP.INVITED_NODES takes precedence.
After adding the required lines to sqlnet.ora, either “Reload the listener” OR “stop/start” the listener.
lsnrctl reload listenter_db
lsnrctl stop listenter_db
lsnrctl start listenter_db
******** When a non-authorized client node attempts to access the database through sqlplus, the following Oracle error is thrown: ORA-12537: TNS:connection closed.
Important remark: valid node checking can be bypassed through IP spoofing; however, you can overcome this by enabling IP spoofing protection at the kernel level in your operating system.
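A check to run on sqlnet.ora before reloading the listener, as an added example that is not part of the original post: it reads TCP.VALIDNODE_CHECKING, TCP.INVITED_NODES and TCP.EXCLUDED_NODES and flags the case where both lists are set. The function names, the sample file contents and the one-parameter-per-line layout are assumptions.

```shell
#!/bin/sh
# Added example: audit sqlnet.ora for the valid-node-checking settings.
# Assumption: each parameter is written on a single line.

# Print the last value assigned to parameter $2 in file $1 (name matched
# case-insensitively, comment lines skipped); prints nothing if absent.
get_param() {
    awk -v want="$2" '
        /^[ \t]*#/ { next }
        {
            eq = index($0, "=")
            if (eq == 0) next
            name = substr($0, 1, eq - 1)
            gsub(/[ \t]/, "", name)
            if (toupper(name) != toupper(want)) next
            val = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            found = val
        }
        END { if (found != "") print found }
    ' "$1"
}

# Report on file $1; returns 1 when node filtering is not in effect.
audit_sqlnet() {
    checking=$(get_param "$1" TCP.VALIDNODE_CHECKING | tr '[:lower:]' '[:upper:]')
    invited=$(get_param "$1" TCP.INVITED_NODES)
    excluded=$(get_param "$1" TCP.EXCLUDED_NODES)
    if [ "$checking" != "YES" ]; then
        echo "FAIL: TCP.VALIDNODE_CHECKING is not YES"; return 1
    fi
    if [ -z "$invited" ] && [ -z "$excluded" ]; then
        echo "FAIL: checking is on but no node list is defined"; return 1
    fi
    if [ -n "$invited" ] && [ -n "$excluded" ]; then
        echo "WARN: both lists set, TCP.INVITED_NODES takes precedence"; return 0
    fi
    echo "OK: node filtering configured"
}

# Constructed sample file (not taken from the page).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# sqlnet.ora (constructed sample)
TCP.VALIDNODE_CHECKING = YES
TCP.INVITED_NODES = (machineA)
TCP.EXCLUDED_NODES = (machineB)
EOF
audit_sqlnet "$sample"
rm -f "$sample"
```

A non-zero return from audit_sqlnet means the file would leave the listener accepting connections from any node, so it can gate the reload step.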