Re: avoiding third party programs access to my database

tolgatoonja_at_yahoo.com (tolga toonja) wrote in message news:<857fe98f.0211130119.33efe479_at_posting.google.com>...
> I am trying to prevent a determined hacker from doing it.

If the determined hacker has the username & password to connect to the database, you've got some problems. You won't be able to rely on any of the data passed from the client (i.e. the executable name), since the hacker could spoof that data to look like your Delphi app.

Would restricting the IP addresses that are allowed to connect to the database be sufficient?

You may want to look into Oracle Advanced Security's authentication functionality <http://download-west.oracle.com/docs/cd/A87860_01/doc/network.817/a85430/asopart3.htm#436413>.

Justin Cave

>
> jocave_at_yahoo.com (Justin Cave) wrote in message news:<233b7a65.0211121217.44c9c40d_at_posting.google.com>...
> > tolgatoonja_at_yahoo.com (tolga toonja) wrote in message news:<857fe98f.0211120423.799bf26_at_posting.google.com>...
> > > I have an Oracle Database and a Delphi application using this database.
> > > I need to avoid third party programs to use or access my database.
> > > No other applications can use my database only my program can do.
> > > Is there a way to do this with oracle8i or 9i?
> >
> > There are ways, but none of them are particularly foolproof. Are you
> > trying to stop someone from accidentally firing up Access, say, and
> > mucking around in the database or are you trying to prevent a
> > determined hacker from doing it?
> > Justin Cave
Received on Wed Nov 13 2002 - 23:54:05 CET