RE: Funny sort of question re sys password

From: David Sharples <dsharples_at_cerebrussolutions.com>
Date: Wed, 10 Mar 2004 10:36:43 -0000
Message-ID: <EA29A3FCC723674293FD6286D3F0513E572673@louis.cerebrus.com>

I believe you can do this by using trace files - and apparently can take a lot less :-)

-----Original Message-----

From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Nuno Souto Sent: 10 March 2004 10:08
To: Oracle L
Subject: Funny sort of question re sys password

Someone at work maintains that it takes them 10 minutes to break the Oracle SYS password security.

And the Sun boof-head (a different person and I use the term loosely...) assures me he's capable of doing so any time he wants.

Now, I've been away from this security stuff for a year or so and I may well be wrong here, but breaking the password security means cracking the Oracle encryption. While this may be possible, I can't believe it only takes 10 minutes?

Wouldn't it rather be a case of social engineering at work? Or just a plain vanilla "change_on_install" case?

<says he who used to change it to "changed", with the obvious funny consequences>
Cheers
Nuno Souto
nsouto_at_optusnet.com.au

---

Please see the official ORACLE-L FAQ: http://www.orafaq.com

---

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--

Archives are at http://www.freelists.org/archives/oracle-l/ FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html

---

---

Please see the official ORACLE-L FAQ: http://www.orafaq.com

---

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--

Archives are at http://www.freelists.org/archives/oracle-l/ FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html

---

Received on Wed Mar 10 2004 - 04:31:03 CST