OT RE: Re[2]: security problem with 8i

2001-07-18 Thread Mohan, Ross
there's also the ALL POWERFUL scott/tiger account to consider! -Original Message- Sent: Wednesday, July 18, 2001 11:07 AM To: Multiple recipients of list ORACLE-L Although there has been so much publicity of security holes in Oracle, in particular the listener, the one hole that

Re: Re[2]: security problem with 8i

2001-07-18 Thread paquette stephane
Are you joking ? --- [EMAIL PROTECTED] a écrit : Although there has been so much publicity of security holes in Oracle, in particular the listener, the one hole that really causes me concern is the default passwords for sys and system and/or using the username as a password. Over

Re: OT RE: Re[2]: security problem with 8i

2001-07-18 Thread Jared Still
Ross, You can get into all of my databases that way, including the enterprise SAP database. Wonderful huh? Changing passwords around is on my todo list, but it's often not as simple as just changing it. There may be other ramifications, like it's a FailSafe database for instance. Or a 3rd

Re: Re[2]: security problem with 8i

2001-07-18 Thread Rachel Carmichael
: Re[2]: security problem with 8i Date: Wed, 18 Jul 2001 07:25:48 -0800 Are you joking ? --- [EMAIL PROTECTED] a écrit : Although there has been so much publicity of security holes in Oracle, in particular the listener, the one hole that really causes me concern is the default

RE: OT RE: Re[2]: security problem with 8i

2001-07-18 Thread Mohan, Ross
JS, I think DG did this and mail got crossed. HTH, RM -Original Message- Sent: Wednesday, July 18, 2001 11:51 AM To: Multiple recipients of list ORACLE-L Ross, You can get into all of my databases that way, including the enterprise SAP database. Wonderful huh? Changing

RE: Re[2]: security problem with 8i

2001-07-18 Thread Farnsworth, Dave
-To: [EMAIL PROTECTED] To: Multiple recipients of list ORACLE-L [EMAIL PROTECTED] Subject: Re: Re[2]: security problem with 8i Date: Wed, 18 Jul 2001 07:25:48 -0800 Are you joking ? --- [EMAIL PROTECTED] a écrit : Although there has been so much publicity of security holes in Oracle

RE: Re[2]: security problem with 8i

2001-07-18 Thread Jack C. Applewhite
Oh yeah! I've got one even better! When I joined a previous company, their *Web-accessible* application's administration username/password was admin/admin! Their production Oracle DB - accessed via the admin/admin protected app - had system/manager and mps/mps (mps stands for Main Production

Re: Re[2]: security problem with 8i

2001-07-18 Thread tday6
Not at all. Just last week I had a vendor who came in to install a package. They were very upset because SYS didn't have the standard password and their install script wouldn't work. I questioned their use of the SYS schema for the installation but powers wiser than me had me change the SYS

RE: Re[2]: security problem with 8i

2001-07-18 Thread lhoska
My old job had never changed any of the default passwords. And the reason why standard passwords are kept is because it is 'easy to remember'. Go figure... -Original Message- Sent: Wednesday, July 18, 2001 1:48 PM To: Multiple recipients of list ORACLE-L Not at all. Just last week I