Basic firewall rule make sure your firewall rules only allow trusted servers to access ports or in this case make sure the host that is the coldfusion server is the only one allowed to connect on that port.
and changing the port to a non default value will assist. it is no guarantee of security. It will just take them a lot longer to work out what is on the other side of the firewall at that port. Cheers -- ================================================= Peter McLarty E-mail: [EMAIL PROTECTED] Technical Consultant WWW: http://www.mincom.com APAC Technical Services Phone: +61 (0)7 3303 3461 Brisbane, Australia Mobile: +61 (0)402 094 238 Facsimile: +61 (0)7 3303 3048 ================================================= A great pleasure in life is doing what people say you cannot do. - Walter Bagehot (1826-1877 British Economist) ================================================= Mincom "The People, The Experience, The Vision" ================================================= This transmission is for the intended addressee only and is confidential information. If you have received this transmission in error, please delete it and notify the sender. The contents of this e-mail are the opinion of the writer only and are not endorsed by the Mincom Group of companies unless expressly stated otherwise. "dist cash" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 27-08-2002 07:41 AM Please respond to ORACLE-L To: Multiple recipients of list ORACLE-L <[EMAIL PROTECTED]> cc: Fax to: Subject: [Q] security between Cold fusion and oracle database? We have ORACLE 8.1.7 on NT server. users can through Internet Cold fusion server (with ODBC) access ORACLE database. Between Cold fusion server and ORACLE server their has firewall on it. The firewall only open port 1521 to allow ODBC access to ORACLE database. We are worry the hacker may hack into ORACLE database (even firewall their) and plan to change port from 1521 to XXXX. Is this way improve security? We are NOT plan to buy ORACLE advance security module. Does their has other way to improve security between Cold fusion server to ORACLE server? Thanks. _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: dist cash INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).