Hey, quick question. I know NOTHING about ODBC or how ColdFusion communicates
with various DB systems, but I've taken it on myself to make sure our in house
CF server is secure.
I haven't setup the CF server but I do have access to the ColdFusion
administrator area and my DBA can do whatever I need to the Oracle server.
(They're two separate boxes.)
My basic question is how do I secure the communications between these two
servers. Do I need something like an SSL token? Is the protocol they use
already encrypted? We basically use a generated query like this to change a
password, and my fear is that someone using Wireshark/Ethereal can snoop the
password as it travels from CF to Oracle if it's sent in clear text.
UPDATE DS.APPLUSERACCOUNTS
SET DATELASTMODIFIED = #CREATEODBCDATETIME(NOW())#,
LASTMODIFIEDBYID = '7684895',
PWEXPIRATION = #CREATEODBCDATETIME(NOW()+90)#,
HPASSWORD =
dbms_utility.get_hash_value('sTY23a2f41ffWY',1,100000000)
WHERE DS.APPLUSERACCOUNTS.USERID = '9999999'
Hope I'm clear in this. You don't have to give me direct instructions but if
you can point me in the right direction I'd appreciate it!
Ramon Ecung, BS, ACHDS, MCP
Support Services Analyst - Web Application Developer
Division of Cancer Medicine - FC10.2005
713-794-4273 | [email protected] | Unit 421
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Houston ColdFusion
Users' Group" discussion list.
To unsubscribe, send email to [email protected]
For more options, visit http://groups.google.com/group/houcfug?hl=en
-~----------~----~----~----~------~----~------~--~---
