http://documents.iss.net/literature/DatabaseScanner/reports/oracle/OraPolicy.pdf
Sony kristanto
<Sony@polyfinca To: Multiple recipients of list
ORACLE-L <[EMAIL PROTECTED]>
nggih.com> cc:
Sent by: Subject: RE: encrypted user/passwd
connection
[EMAIL PROTECTED]
m
January 13,
2003 11:24 PM
Please respond
to ORACLE-L
BTW rajesh, where can I find 'ORA_ENCRYPT_LOGIN variable and
DBLINK_ENCRYPT_LOGIN parameter (for retried attempts across
database
link)' ? Pls respond ...
> -----Original Message-----
> From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, January 07, 2003 10:02 PM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: RE: encrypted user/passwd connection
>
>
> "All oracle passwords are encrypted" is not a true statement. Failed
login
> attempts, are retried by sending the password in an unencrypted format.
> Atleast, until 8.1.7. To avoid which, ORA_ENCRYPT_LOGIN variable and
> DBLINK_ENCRYPT_LOGIN parameter (for retried attempts across database
link)
> should be set to TRUE.
>
> I could stand corrected though.
>
> Raj
>
>
>
>
>
>
> Sony kristanto
>
> <Sony@polyfinca To: Multiple recipients of
> list ORACLE-L <[EMAIL PROTECTED]>
> nggih.com> cc:
>
> Sent by: Subject: RE: encrypted
> user/passwd connection
> [EMAIL PROTECTED]
>
> m
>
>
>
>
>
> January 07,
>
> 2003 01:53 AM
>
> Please respond
>
> to ORACLE-L
>
>
>
>
>
>
>
>
>
> You're right Jared, all oracle password is encrypted. Btw Andrey if it is
> possible how to do it ?
>
> > -----Original Message-----
> > From: Jared Still [SMTP:[EMAIL PROTECTED]]
> > Sent: Tuesday, January 07, 2003 11:04 AM
> > To: Multiple recipients of list ORACLE-L
> > Subject: Re: encrypted user/passwd connection
> >
> >
> > Andre,
> >
> > Oracle does not send passwords across the network
> > in clear text, they are encrypted by default.
> >
> > Jared
> >
> > On Monday 06 January 2003 05:43, Andrey Bronfin wrote:
> > > Dear list !
> > > I have just been asked the following question:
> > > is it possible to make a connection from an Oracle client to an
Oracle
> > > instance (both are 8.1.7) in an "encrypted" way.
> > > I.e. if someone is sitting with a sniffer between the server and the
> > > client, then i don't want him to be able to see the user/passwd i'm
> > > connecting with. Again , i am NOT asking how store the data in the DB
> in
> > an
> > > "encrypted" way, but how to connect to an instance without showing my
> > > passwd.
> > > Thanks a lot!
> > > Andrey.
>
>
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: Sony kristanto
INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author:
INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
