Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Simple Oracle Net Security Question

Re: Simple Oracle Net Security Question

From: Howard J. Rogers <howardjr2000_at_yahoo.com.au>
Date: Fri, 11 Oct 2002 08:11:53 +1000
Message-ID: <ROmp9.50438$g9.146024@newsfeeds.bigpond.com>

"Michael J. Moore" <hicamel_x_the_spam_at_attbi.com> wrote in message news:CLmp9.44328$ST4.92423_at_rwcrnsc53...
> Assume I am using REMOTE_LOGIN_PASSWORDFILE = EXCLUSIVE and I have
properly
> set up the password file. I then connect to my database from a remote
client
> using sql*plus. Furthermore Oracle Net is set up using a typical TCP/IP
> connection.
>
> So, my question is, is that connection to the database considered to be
> secure or could anybody with a sniffer easily see commands that I am
sending
> and data that is being returned?

It's totally unsecure, and a sniffer would see everything.

However, it is possible to take advantage of Oracle's Advanced Security features, one of which is to encrypt everything going across a Net8 interconnection.

At which point all the sniffer will sniff is garbled garbage.

Regards
HJR
> Thanks,
> Mike
>
>
Received on Thu Oct 10 2002 - 17:11:53 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US