Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Verifying passwords have been changed in oracle

Re: Verifying passwords have been changed in oracle

From: Stephen Harris <sweh_at_spuddy.mew.co.uk>
Date: Thu, 7 Nov 2002 16:50:14 -0500
Message-ID: <m6neqa.8tu.ln@spuddy.org> 





Ed Stevens <spamdump_at_nospam.noway.nohow> wrote:


> On Thu, 7 Nov 2002 08:09:28 -0500, sweh_at_spuddy.mew.co.uk (Stephen Harris) wrote:



>>  Option 1: attempt to connect as system/manager.
>>
>>  Downside: auditing of these accounts will be strict.  Showing additional
>>    login success or fail attempts will help obfuscate any real audit
>>    alert oddities.  Our security team has complained about this





> I'd use Option 1 and tell the security team to get over it.  Coordinate with




I may have to.



> them so they KNOW when to EXPECT these entries.




Unfortunately this will be running in an automated environment so there's
no guarantee of _when_ the attempt will be made.  It could be once a day
per database, or multiple times, and depending on the load the exact time
will vary anyway.  Ah well.


-- 
                                 Stephen Harris
                              sweh_at_spuddy.mew.co.uk
      The truth is the truth, and opinion just opinion.  But what is what?
       My employer pays to ignore my opinions; you get to do it for free.


Received on Thu Nov 07 2002 - 15:50:14 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US