Re: verifying network encryption on 11gR2?
- From: Adric Norris <landstander668@xxxxxxxxx>
- To: oracle-l <oracle-l@xxxxxxxxxxxxx>
- Date: Tue, 21 Jan 2014 08:30:10 -0600
Running any sort of network sniffer will unfortunately be very difficult,
likely impossible, to get approved. That's why I'm hoping to find a method
which can be easily (and more importantly, reliably) checked from within
the database.
I do appreciate the suggestion, however, and will certainly keep it in
mind. Thanx!
On Fri, Jan 17, 2014 at 11:09 PM, Jeff C <backseatdba@xxxxxxxxx> wrote:
> Try using Wireshark. You can pretty easily see the different when network
> encryption is on versus off. You will see plain text and then a bunch of
> scrambled data.
>
>
> On Fri, Jan 17, 2014 at 6:41 PM, Adric Norris <landstander668@xxxxxxxxx>wrote:
>
>> Is there a good way to check, from within the database, whether or not
>> database sessions are utilizing network encryption? I know you can look at
>> the *network_service_banner* column of *v$session_connect_info*, but the
>> text format makes it difficult to parse effectively... not to mention that
>> I'm not certain that it's always populated (thinking of JDBC thin clients
>> here). The databases in question are all 11.2.0.3/11.2.0.4, running
>> under a combination of Linux X86-64 and Solaris SPARC 64-bit.
>>
>> We're thinking of enabling opportunistic network encryption in the near
>> future, with the goal of it eventually becoming mandatory. I'd therefore
>> like to be able to identify plaintext sessions from within the database, so
>> that we have an idea of which applications / groups will need to make
>> configuration changes.
>>
>> Thanx!
>>
>> --
>>
>> Awk! Pieces of eight. Pieces of eight. Pieces of seven... ERROR: kernel
>> panic [parroty error]
>>
>>
>
--
"I'm too sexy for my code." -Awk Sed Fred
Other related posts:
