[dbsec] Sniffing Oracle authentications

  • From: Hamid Kashfi <hamid@xxxxxxxxx>
  • To: dbsec@xxxxxxxxxxxxx
  • Date: Mon, 27 Nov 2006 15:48:41 +0330

Hi ,
I was thinking about sniffing Oracle authentications out of network
traffic ,but
since long time ago I`ve not seen any implementation of such tool in public.
maybe the reason is the way Oracle switch client to new random port before
authentication . Although  simple sniffing won`t work for this case but
I guess
it`s not that hard to develop a smart sniffer that capture traffic on
1521 and
follow oracle to it`s new port , offered to client for authentication.

*maybe there is another issue about sniffing auth. info which I`m not
aware ?

Any comments , tools recommendations , URLs about this topic ?


Other related posts: