| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Crack Oracle Security like a peanut!
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
DA Morgan wrote:
> DAMorgan wrote:
>
>> Oracle's Password Transform
>>
>> Goals:
>> - Authentication information ("encrypted password") shall be portable
>> between machines with different character sets (ebcdic and ascii).
>> - It should handle non-enlish languages including those that require
>> 16 bits per character.
>> - If a user has the same password on two databases, the authentication
>> information will be the same on both machines.
>> - It should be hard to tell if two users have the same password.
>> - The password transform should be as hard to break as DES.
>>
>>
>> The Algorithm:
>> Convert the second checksum value into a machine independent form. >> Since we are not short on characters, express it as a hex string.
The headers added by his news service (talkaboutdatabases.com) indicate who he/she is and provide an avenue for reporting abuse. If you feel so inclined drop them an email. At least you'll be able to find out who's impersonating you.
Message-ID:
<b735dd778d20ab60f86f760a014ffa5c_at_localhost.talkaboutdatabases.com>
X-Newsreader: www.talkaboutdatabases.com X-Problems-To: info at talkaboutnetwork.com X-Posted-By: USERID-67788
iEYEARECAAYFAkMJ5XIACgkQzIf+rZpn0oRwXgCggZcEQZbSe9zEUaPlDZrH3iOD
ldoAmwdoSul+p/Amvk9pfE26ZSSWm17S
=ubjp
-----END PGP SIGNATURE-----
Received on Mon Aug 22 2005 - 09:47:14 CDT
 |
 |