Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Funny sort of question re sys password

RE: Funny sort of question re sys password

From: Whittle Jerome Contr NCI <Jerome.Whittle_at_scott.af.mil>
Date: Wed, 10 Mar 2004 07:49:27 -0600
Message-ID: <DFEC3C69DE8C524DA705BC09A220740B029CACDE@AMCW2VN801.amc.ds.af.mil>


Tell them that the proof is in the pudding. Challenge them to a $10 bet; get out a stopwatch; and sit them at a computer. If they succeed, it will be $10 well spent to expose a security weakness. Otherwise enjoy the $10 and watching them squirm.

Jerry Whittle
ASIFICS DBA
NCI Information Systems Inc.
jerome.whittle_at_scott.af.mil
618-622-4145

> -----Original Message-----
> From: Nuno Souto [SMTP:dbvision_at_optusnet.com.au]
>
> Someone at work maintains that it takes them 10 minutes to
> break the Oracle SYS password security.
>
> And the Sun boof-head (a different person and I use the
> term loosely...) assures me he's capable of doing so any time
> he wants.
>
> Now, I've been away from this security stuff for a year or so and
> I may well be wrong here, but breaking the password security
> means cracking the Oracle encryption. While this may be possible,
> I can't believe it only takes 10 minutes?
>
> Wouldn't it rather be a case of social engineering at work?
> Or just a plain vanilla "change_on_install" case?
>
> <says he who used to change it to "changed",
> with the obvious funny consequences>
> Cheers
> Nuno Souto
> nsouto_at_optusnet.com.au
>



Please see the official ORACLE-L FAQ: http://www.orafaq.com

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Received on Wed Mar 10 2004 - 07:51:20 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US