| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle versus Sqlserver
Well for one thing it is far easier to put rogue code onto the machine to
snoop out passwords. I wrote an article some years back for for a major
database publication on the fact that Microsoft's ODBC trace facility did
not obscure passwords in the trace file ... listed them in plain text.
Something you would never see on a UNIX box.
Daniel Morgan
Niall Litchfield wrote:
> "kc" <kc_news2000_at_yahoo.com> wrote in message
> news:a20fe1ab.0201250737.61d608a8_at_posting.google.com...
> > It is harder to crack an Oracle box because of the general
> > background of Oracle DBAs. I have encountered many SQL server machines
> > that do not have a password for "SA" account (Is that part of the
> > MCDBA training?? It always amazes me when I find this.). I have never
> > encountered an Oracle box that did not have a password for the "SYS"
> > or "SYSTEM" account.
>
> Of course change_on_install & manager respectively.
>
> > Oracle on something other than Windows is a very
> > good bet for security.
>
> I'm interested as to why you suggest Oracle on Windows is inherently
> insecure. is this a configuration or platform issue.
>
> --
> Niall Litchfield
> Oracle DBA
> Audit Commission UK
> *****************************************
> Please include version and platform
> and SQL where applicable
> It makes life easier and increases the
> likelihood of a good answer
>
> ******************************************
Received on Fri Jan 25 2002 - 04:13:39 CST
 |
 |