Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus
Chuck wrote:
> <lots of snipping for brevity>
>
>
> >
> > What is scary is Oracle sacrificing its so far excellent record in
> > data security to a new front-end tool that isn't and over which they
> > have no control.
> >
> > Please Alison ... tell me it ain't so.
> > --
> > Daniel Morgan
> > http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
> > damorgan_at_x.washington.edu
> > (replace 'x' with a 'u' to reply)
> >
> >
> Think that's scary? I haven't found anything yet that indicates that OEM
> connections between the console and management server can be secured at
> all. It does not use sqlnet or https, just straight TCP. There is one
> thing however that we've all seemed to forgotten. You can always use a
> VPN over a public network, and that *is* secure whether you use https or
> not.
What you suggest is valid if Oracle is preparing to abandon the smaller firms that use its software to Microsoft. And that may be what is happening if one looks at the decision that was made to abandon the client-server market to Microsoft. Anyone doing c/s these days is using VB rather than Oracle Forms or continuing to use 6i.
But there are a large number of Oracle clients that are small to medium size and do not want to purhase a product that is unusable out of the box without going and negotiating for another product from another company. If Oracle can't figure out how to sell a complete solution in a box they need to check the thickness of the ice before they put on their skates.
-- Daniel Morgan http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp damorgan_at_x.washington.edu (replace 'x' with a 'u' to reply)Received on Tue May 20 2003 - 18:00:14 CDT