I believe you can do this by using trace files - and apparently can take a lot less :-) -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Nuno Souto Sent: 10 March 2004 10:08 To: Oracle L Subject: Funny sort of question re sys password Someone at work maintains that it takes them 10 minutes to break the Oracle SYS password security. And the Sun boof-head (a different person and I use the term loosely...) assures me he's capable of doing so any time he wants. Now, I've been away from this security stuff for a year or so and I may well be wrong here, but breaking the password security means cracking the Oracle encryption. While this may be possible, I can't believe it only takes 10 minutes? Wouldn't it rather be a case of social engineering at work? Or just a plain vanilla "change_on_install" case? <says he who used to change it to "changed", with the obvious funny consequences> Cheers Nuno Souto nsouto@xxxxxxxxxxxxxxx ---------------------------------------------------------------- Please see the official ORACLE-L FAQ: http://www.orafaq.com ---------------------------------------------------------------- To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put 'unsubscribe' in the subject line. -- Archives are at //www.freelists.org/archives/oracle-l/ FAQ is at //www.freelists.org/help/fom-serve/cache/1.html ----------------------------------------------------------------- ---------------------------------------------------------------- Please see the official ORACLE-L FAQ: http://www.orafaq.com ---------------------------------------------------------------- To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx put 'unsubscribe' in the subject line. -- Archives are at //www.freelists.org/archives/oracle-l/ FAQ is at //www.freelists.org/help/fom-serve/cache/1.html -----------------------------------------------------------------