Re: password
- From: William Muriithi <william.muriithi@xxxxxxxxxxxxxxxxxxx>
- To: "'howard.latham@xxxxxxxxx'" <howard.latham@xxxxxxxxx>, "'RStorey@xxxxxxxxxxxxxxxxxx'" <RStorey@xxxxxxxxxxxxxxxxxx>
- Date: Tue, 23 Mar 2010 08:42:48 -0500
True that could be the case. However if we go along that reasoning, one can
argue discussing anything to do with auditing or security for that matter help
the bad guys. I remember someone posted a plsql script that exploited a oracle
vulnerability related to java. That would have been far serious.
Personally, I think that is he/she has physical access and sysdba details, its
too late to think about such thing. In that case, such worries should be
disregarded and assumed that we are responding to a honest user
________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx <oracle-l-bounce@xxxxxxxxxxxxx>
To: RStorey@xxxxxxxxxxxxxxxxxx <RStorey@xxxxxxxxxxxxxxxxxx>
Cc: oracle-l-freelists <oracle-l@xxxxxxxxxxxxx>
Sent: Tue Mar 23 08:19:26 2010
Subject: Re: password
not wishing to cast any doubt upon anybody in this case however in similar
circumstances how can we be sure we are NOT helping someone HACK into a system?
On 23 March 2010 13:07, Storey, Robert (DCSO)
<RStorey@xxxxxxxxxxxxxxxxxx<mailto:RStorey@xxxxxxxxxxxxxxxxxx>> wrote:
Do you know how it was encrypted? Is the front end using an encryption scheme
or a vendor supplied encryption tool?
From: oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>
[mailto:oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>] On
Behalf Of Zelli, Brian
Sent: Tuesday, March 23, 2010 7:46 AM
To: 'Holvoet, Jo'; oracle-l-freelists
Subject: RE: password
No it is encrypted.
ciao,
Brian
Brian J. Zelli, Ed.M.
Sr. Database Administrator
Enterprise Application/Systems Integration
Information Technology - Roswell Park Cancer Institute
phone: (716) 845-4460 email:
brian.zelli@xxxxxxxxxxxxxxx<mailto:brian.zelli@xxxxxxxxxxxxxxx>
________________________________
From: Holvoet, Jo
[mailto:jo.holvoet@xxxxxxxxxxxxx<mailto:jo.holvoet@xxxxxxxxxxxxx>]
Sent: Tuesday, March 23, 2010 8:42 AM
To: Zelli, Brian; oracle-l-freelists
Subject: RE: password
If the apps use it, can’t you find it back on the app side ? If not in the
code, then in a config type file maybe ?
mvg / regards,
Jo Holvoet
________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>
[mailto:oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>] On
Behalf Of Zelli, Brian
Sent: dinsdag 23 maart 2010 13:38
To: oracle-l-freelists
Subject: password
I lost the password for a schema user that runs applications. I can't change
it because it will crash the apps. How can I figure out what it was? Does
anyone have a hack script that can reveal it?
ciao,
Brian
This email message may contain legally privileged and/or confidential
information. If you are not the intended recipient(s), or the employee or agent
responsible for the delivery of this message to the intended recipient(s), you
are hereby notified that any disclosure, copying, distribution, or use of this
email message is prohibited. If you have received this message in error, please
notify the sender immediately by e-mail and delete this email message from your
computer. Thank you.
This email message may contain legally privileged and/or confidential
information. If you are not the intended recipient(s), or the employee or agent
responsible for the delivery of this message to the intended recipient(s), you
are hereby notified that any disclosure, copying, distribution, or use of this
email message is prohibited. If you have received this message in error, please
notify the sender immediately by e-mail and delete this email message from your
computer. Thank you.
--
Howard A. Latham
Other related posts:
