Oracle Server 11g: How Can I Disable Remote Connections?

Question

How can I disable remote connections to Oracle Server 11g?
The one way, I can use firewall for port 1521.
Is it possible to disable remote connections and leave just local connection for Oracle Server without firewall but only with Oracle Server settings?
For example, SQL Server 2008 (Express) has service for remote connections: SQL Browser. If it is not running, it is impossible to connect to server remotely.
Is it similar way for Oracle Server?

Answer 1

If you only want to be able to connect locally, don't start the Oracle Listener and only use ORACLE_SID to connect to the database. As long as a listener is running, remote access to the database is possible.

You don't explain why you have this requirement, so I start guessing. Being able to do application maintenance could be a good reason. If that is the case, why not work with restricted session privileges ? In that case, set the instance in restricted session so only users having restricted session privilege can connect to the database instance. Normally only specific administrator accounts should have this privilege.

alter system enable restricted session;

• stop existing session that should not live during maintenance.

• do the maintenance.

  alter system disable restricted session;

I hope this helps.

Answer 2

You can set your listener up on address localhost or 127.0.0.1, which will mean it's only visible from that machine. There will be nothing to firewall - there will be nothing listening on port 1521 on the machine's external IP address. You can confirm that with netstat.

You can't directly do it from within the database, if that's what you mean by 'only with Oracle Server settings'; all remote connections come through the listener and are handed off to the database.