Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Securing isqlplus

Re: Securing isqlplus

From: Daniel Morgan <damorgan_at_exxesolutions.com>
Date: Tue, 20 May 2003 16:00:14 -0700
Message-ID: <3ECAB37E.88B432DA@exxesolutions.com>


Chuck wrote:

> <lots of snipping for brevity>
>
>
> >
> > What is scary is Oracle sacrificing its so far excellent record in
> > data security to a new front-end tool that isn't and over which they
> > have no control.
> >
> > Please Alison ... tell me it ain't so.
> > --
> > Daniel Morgan
> > http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
> > damorgan_at_x.washington.edu
> > (replace 'x' with a 'u' to reply)
> >
> >
> Think that's scary? I haven't found anything yet that indicates that OEM
> connections between the console and management server can be secured at
> all. It does not use sqlnet or https, just straight TCP. There is one
> thing however that we've all seemed to forgotten. You can always use a
> VPN over a public network, and that *is* secure whether you use https or
> not.

What you suggest is valid if Oracle is preparing to abandon the smaller firms that use its software to Microsoft. And that may be what is happening if one looks at the decision that was made to abandon the client-server market to Microsoft. Anyone doing c/s these days is using VB rather than Oracle Forms or continuing to use 6i.

But there are a large number of Oracle clients that are small to medium size and do not want to purhase a product that is unusable out of the box without going and negotiating for another product from another company. If Oracle can't figure out how to sell a complete solution in a box they need to check the thickness of the ice before they put on their skates.

--
Daniel Morgan
http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)
Received on Tue May 20 2003 - 18:00:14 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US