Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Oracle External Users

from [Damien Lewis] Network Security [Permanent Link]
Subject: Oracle External Users
Date: Sun, 4 Dec 2005 20:07:47 -0500 
Hello,

I'm in the process of reviewing a list of users (DBA_USERS table) from an
Oracle Database and have come across several accounts with the PASSWORD
field being "EXTERNAL".  It is my understanding that these accounts are
authenticated by the operating system, but how exactly do you go about
authenticating using this account (i.e. could I conect via SQL Plus or an
ODBC connection) and is there any other control(s) within Oracle that would
prevent any user from creating a user id that matches the account name in
DBA_USERS table on another computer and logging in as that user to the
Oracle database?

Thanks

D
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Encrypting Cached data, Georgi Alexandrov
Next by Date:  Re: SF new article announcement: Evading NIDS, revisited (pen-test), Jason
Previous by Thread:  Re: Apache mode_security, Stefano Di Paola
Next by Thread:  Re: Oracle External Users, bug
Indexes:  [Date] [Thread] [Top] [All Lists]