Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Simple Oracle Net Security Question

Re: Simple Oracle Net Security Question

From: Michael J. Moore <hicamel_x_the_spam_at_attbi.com>
Date: Fri, 11 Oct 2002 04:10:40 GMT
Message-ID: <Wasp9.46853$7I6.151870@rwcrnsc52.ops.asp.att.net>


Thanks Howard!

"Howard J. Rogers" <howardjr2000_at_yahoo.com.au> wrote in message news:ROmp9.50438$g9.146024_at_newsfeeds.bigpond.com...
>
> "Michael J. Moore" <hicamel_x_the_spam_at_attbi.com> wrote in message
> news:CLmp9.44328$ST4.92423_at_rwcrnsc53...
> > Assume I am using REMOTE_LOGIN_PASSWORDFILE = EXCLUSIVE and I have
> properly
> > set up the password file. I then connect to my database from a remote
> client
> > using sql*plus. Furthermore Oracle Net is set up using a typical TCP/IP
> > connection.
> >
> > So, my question is, is that connection to the database considered to be
> > secure or could anybody with a sniffer easily see commands that I am
> sending
> > and data that is being returned?
>
> It's totally unsecure, and a sniffer would see everything.
>
> However, it is possible to take advantage of Oracle's Advanced Security
> features, one of which is to encrypt everything going across a Net8
> interconnection.
>
> At which point all the sniffer will sniff is garbled garbage.
>
> Regards
> HJR
>
>
>
> > Thanks,
> > Mike
> >
> >
>
>
Received on Thu Oct 10 2002 - 23:10:40 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US