Vulnerability Development mailing list archives
Re: Oracle
From: romeo () EMERALD-NET DEMON CO UK (Shashi Dookhee)
Date: Mon, 31 Jan 2000 07:27:21 -0000
Um, why exactly was this message allowed to go through? Help someone not get caught entering a system without authorisation? C'mon, be serious... As a Systems Administrator, I take offence to this! :) I mean, this guy obviously doesnt even know much about computing since he dont even know what type of network he's on (for sure)... Sort it out, B-Boar ;) Thanx:) Mr Shashi Dookhee UNIX Programmer/Senior Systems Administrator Traffic Interactive Ltd Tel: (020) 7616 9039 Fax: (020) 7616 9030 ISDN: (020) 7616 9002 Mobile: 07803 760 315 Email: shashi () traffic co uk Web: http://www.traffic.co.uk -----Original Message----- From: liberal world <berkandny () HOTMAIL COM> To: VULN-DEV () SECURITYFOCUS COM <VULN-DEV () SECURITYFOCUS COM> Date: 31 January 2000 08:19 Subject: Oracle
Hello everybody! I know that a Data Base Administrator (DBA) can monitor my accessing an Oracle program in a LANetwork(number of users between 50-100), because I tested it somehow... In our LAN, entering Windows Networking is realized by writing User Name, Password and Domain name in a window.I guess that
Windows
NT is used in the LAN because "Log On To Windows NT Domain" section is selected in the Client for Microsoft Networks Properties window.My computer uses Windows 95.
2>Some time ago, I had luckily managed to get the DBA's user name and Password
that were used in Oracle based programs and I freely accessed every oracle programs since then. After several days past, the DBA changed the Oracle password (of course, this is not surprising!) Probably, he must have taken
a
look at some kind of list showing who has entered which oracle program and that should have allowed him to easily discover my unathorized accesses :) Now I once again got the new DBA password (thanks to a friend who is expert at reading what is typed in the keyboard!) but, this time I don't want to
so
easily get caught, so I think of a way to enter the program without being discovered, but don't know how to do it. So can anyone give information about it? :) Any info you will give is welcome. Thanks... ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com
Current thread:
- Re: Oracle Shashi Dookhee (Jan 30)
- Re: Oracle (aiding and abetting) Blue Boar (Feb 01)
- <Possible follow-ups>
- Re: Oracle Lars Roeglin (Jan 31)