Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Simple Oracle Net Security Question
"Michael J. Moore" <hicamel_x_the_spam_at_attbi.com> wrote in message
news:CLmp9.44328$ST4.92423_at_rwcrnsc53...
> Assume I am using REMOTE_LOGIN_PASSWORDFILE = EXCLUSIVE and I have
properly
> set up the password file. I then connect to my database from a remote
client
> using sql*plus. Furthermore Oracle Net is set up using a typical TCP/IP
> connection.
>
> So, my question is, is that connection to the database considered to be
> secure or could anybody with a sniffer easily see commands that I am
sending
> and data that is being returned?
It's totally unsecure, and a sniffer would see everything.
However, it is possible to take advantage of Oracle's Advanced Security features, one of which is to encrypt everything going across a Net8 interconnection.
At which point all the sniffer will sniff is garbled garbage.
Regards
HJR
> Thanks,
> Mike
>
>
Received on Thu Oct 10 2002 - 17:11:53 CDT