Server Administration :: Set-up Network Encryption
Sep 9, 2010
I am trying to set-up network encryption.I have added following parameters to my server side sqlnet.ora file:
SQLNET.ENCRYPTION_SERVER = REQUIRED
SQLNET.ENCRYPTION_CLIENT = REQUIRED
SQLNET.ENCRYPTION_TYPES_SERVER =RC4_256
SQLNET.ENCRYPTION_TYPES_CLIENT =RC4_256
SQLNET.CRYPTO_CHECKSUM_SERVER = REQUIRED
SQLNET.CRYPTO_CHECKSUM_CLIENT = REQUIRED
SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (MD5)
SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT = (MD5)
As per my understanding connections should start to fail from client side after addition of these parameter on server side sqlnet.ora (no changes to client side sqlnet.ora).I am still able to connect to this server without connections getting failed.
I already checked aso is installed on this database.Just to add it is a RAC database with 2 nodes.
View 4 Replies
ADVERTISEMENT
Jun 4, 2010
We have an application that fetches and writes data into oracle database through pro c. oracle datyabase is on another server.
We are storing some secure information into oracle database so we want to encrypt the data sent by our aplication into oracle database.We do not want to use SSL(i.e certificates) and also do not want to make use of Advance Security Option available in oracle and also do not want to make any changes in sqlnet.ora file on server side.
achieve encryption of traffic between our application and Oracle database?
View 13 Replies
View Related
Jan 27, 2010
I have installed oracle 10g XE on my machine. And my machine's ip address is 10.10.50.50.
username:system
password:xxx
XE =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP)(HOST = 10.10.50.50)(PORT =1521))
[code]....
I was able to connect to the above server from my machine.But when i was trying to connect the above server from my neighbours system i am getting an error Network adapter could not establish the connection.
Note:when i ping the ip address 10.10.50.50 from my negihbours system in the command prompt
Reply from 10.10.50.50:bytes=32
Reply from 10.10.50.50:bytes=32
Reply from 10.10.50.50:bytes=32
Reply from 10.10.50.50:bytes=32
View 10 Replies
View Related
Apr 19, 2010
I have A Daily hot backup using Expdp Command On oracle 10g R2 installed on the Linux server. And I'm trying to move this Dump File to Another directory on Windows server 2003 over network using Ftp script which will be run after the export process finished Automatically.
View 9 Replies
View Related
Sep 29, 2010
I want to create two or three sachems on my production server which should be the same copy of my another second production server. And I access this second server through VPN connection on toad9.0.1. And I access my production server through VNC viewer and database through toad.
How cloud I create schema on my first prod. server from second server.
View 11 Replies
View Related
May 21, 2010
I'm receiving the error REP-52266, while running a simple script from Forms 10g:
web.show_document('/reports/rwservlet/showjobs?server=rep_fsprod', '_blank');
I previously received REP-51002; searched over the forums,& made changed to the rwservlet properties file by setting my Server,setting the trace on,& changing my host file in windows.
Errors received now: REP-52266: The in-process Reports Server rep_fsprod failed to start.oracle.reports.RWException: IDL:oracle/reports/RWException:1.0
I also tried these commands:
rwclient server=rep_CC-BA0C7240E38E report=test destype=cache desformat=html
GIVES ERROR:-
REP-0178: can not connect to reports server
rwdiag -findall
Broadcast mechanism used to locate servers
Channel address: 228.5.6.7
Channel port: 14021
REP-50503 No server found in the network.
View 1 Replies
View Related
Feb 23, 2012
i've 0racle 9i database, i wanted to know the easiest way how to copy that database on another computer throw local network,
View 15 Replies
View Related
Jan 14, 2011
I am using below command to import a schema using network link. Command is :
impdp system directory = IMP_DIR schemas = XYZ network_link = PQR remap_schema = XYZ:XYZ exclude=view: "= 'XYZ.VW_ACCEPTDETAILS'"
This command is giving below error
LRM-00116: syntax error at 'view:' following '='
When I have tried Like in place of '=' sign i.e. EXCLUDE = VIEW:"LIKE '%VW_ACCEPTDETAILS%'" , it gives me below error:
UDI-00014: invalid value for parameter, 'exclude'
View 4 Replies
View Related
Jun 20, 2012
I managed to upload images to a database server, resize them, copy to the application server and everything worked just fine - the Apex page successfully displayed images. Since last week, things have broken. This is how: there's a directory object which points to application server's directory:
SQL> select * from all_directories;
OWNER DIRECTORY_NAME DIRECTORY_PATH
------- ------------------------------ -----------------------------------
SYS SLIKE_4005_UPLOAD d:gisslike_4005_upload --> on a database server
SYS SLIKE_4005 \my-iasd$homegisslike_4005 --> on an application server
SQL>
I can use a directory located on a database server:
D:GISSlike_4005_upload>dir photo_resize.*
Volume in drive D is RAID
Volume Serial Number is 88F2-69D2
Directory of D:GISSlike_4005_upload
[code]....
How come it doesn't work? I was absent last week, database server was restarted for some reason (there were Windows' updates which required restarting). After that, all applications (lucky us, just two of them, but in multiple procedures/functions) return FALSE for UTL_FILE.FGETATTR.
We recreated directory objects, but that didn't work (UNC or not, no difference). I Googled quite a lot, read Metalink notes - nothing I did solved the problem.
what these OS updates were about; maybe they are not to be blamed at all. Both servers (database & application) run MS Windows Server 2003 Standard Edition Service Pack 2. In the meantime, a colleague developed a workaround (it uses UTL_HTTP) which works, but it is MUCH slower than the previous UTL_FILE.FGETATTR option.
Why don't we keep these images on the database server (instead of the application server)?I was told that Apache is incapable of accessing mapped network directories so we used what we could.
View 13 Replies
View Related
Aug 13, 2010
I encrypted the column but when i check through strings command the data is still not encrypted,i created the wallet etc etc,set proper path in sqlnet.ora
View 3 Replies
View Related
Aug 10, 2010
I would like to know the reason why the database is on unencrypted format by default,there must be some reason behind this, i hear from someone that encrypted data degrade performance thats the reasons its on unencrypted format by default.
View 6 Replies
View Related
Sep 24, 2010
I am trying to setup encryption and have the following entry in my sqlnet.ora file (all on one line).
ENCRYPTION_WALLET_LOCATION=(SOURCE=(METHOD=FILE)(METHOD_DATA=(DIRECTORY=/oracle/10.2.0.1.0/network/admin/encryption_wallet/)))
When I login into my DB I get the following error:
sqlplus ' / as sysdba '
SQL*Plus: Release 10.2.0.1.0 - Production on Fri Sep 24 16:30:49 2010
Copyright © 1982, 2005, Oracle. All rights reserved.
Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - 64bit Production
With the Partitioning, OLAP and Data Mining options
SQL> ALTER SYSTEM SET ENCRYPTION KEY AUTHENTICATED BY "XXX";
ALTER SYSTEM SET ENCRYPTION KEY AUTHENTICATED BY "XXX"
*
ERROR at line 1:
ORA-28368: cannot auto-create wallet
As you can see the directory is not created.
ls -ld /oracle/10.2.0.1.0/network/admin/encryption_wallet
ls: 0653-341 The file /oracle/10.2.0.1.0/network/admin/encryption_wallet does not exist.
The directory above where I want to create my wallet is owned by oracle, which is the user I am running sqlplus as (see below)
ls -ld /oracle/10.2.0.1.0/network/admin
drwxrwsr-x 4 oracle dba 512 Sep 24 15:45 /oracle/10.2.0.1.0/network/admin
/tmp who am i
oracle pts/1 Sep 24 13:25 (is122.hshhp.com)
View 2 Replies
View Related
Oct 10, 2011
While searching for password encryption I came across these statements.
1.Password Encryption While Connecting. This protection is always in force, by default. Passwords are always automatically and transparently encrypted during network (client/server and server/server) connections, using a modified DES (Data Encryption Standard) or 3DES algorithm, before sending them across the network.
Confirm whether by default oracle encrypts the password before sending it to the database across the network even when the clear text password is used for connecting from a jdbc client.
View 1 Replies
View Related
Jun 20, 2013
I am trying to have an encryption logic written in Pl/SQL that could decrypt the value which is encrypted in Dot Net, using AES128 algorithm. Everytime when i try to have the decryption done, i lands up in one or the other error message. Below is the code snippet which i use. create or replace
FUNCTION decryptAES (EncryptedText IN VARCHAR2,EncKey IN VARCHAR2) RETURN VARCHAR2 DETERMINISTIC IS key_bytes_raw RAW (2048); l_ decrypted_raw RAW (2048); encryption_type PLS_INTEGER := DBMS_CRYPTO.ENCRYPT_AES128; BEGIN key_bytes_ raw:= UTL_RAW. CAST_TO_ RAW (EncKey); l_decrypted_raw := dbms_crypto.decrypt (src =>utl_raw.cast_to_raw(EncryptedText), typ => encryption_type, key => key_bytes_raw ); RETURN (UTL_RAW.CAST_TO_VARCHAR2 (l_decrypted_raw)); END decryptAES.
View 3 Replies
View Related
Apr 6, 2013
Can i get some documents on oracle RAC database encryption.?what are the pros and cons of encryption?Does this comes with oracle Database or something we need to buy from oracle sales persons?
View 2 Replies
View Related
Jul 2, 2010
We are attempting to configure/use OEM (Oracle 10.2.0.4) on Solaris, and when logging in to OEM we are directed to the Database Down page, stating Enterprise Manager is unable to connect to the database instance, but showing all the components as up/open. After checking the log, I found the following error:
IO exception: Unknown Encryption or Data Integrity algorithm
I checked the settings in emoms.properties and compared the encryption parameters to those in our SQLNet file, and all match up. We are NOT using Grid Control, just db control connecting to 1 instance.
View 9 Replies
View Related
Sep 29, 2010
what steps I am missing or provide a work-around?
1) cat sqlnet.ora
NAMES.DIRECTORY_PATH=(TNSNAMES)
WALLET_LOCATION =
(SOURCE =
[code]...
2) mkdir /u01/app/oracle/secure
ls -ld /u01/app/oracle/secure
drwxr-sr-x 2 oracle dba 512 Sep 28 17:04 /u01/app/oracle/secure
lsnrctl stop
lsnrctl start
3) sqlplus 'sys/sys as sysdba'
SQL*Plus: Release 11.2.0.1.0 Production on Tue Sep 28 17:07:53 2010
SQL> ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher";
ALTER SYSTEM SET ENCRYPTION KEY IDENTIFIED BY "DeciPher"
*
ERROR at line 1:
ORA-28374: typed master key not found in wallet
View 8 Replies
View Related
Oct 22, 2010
Is it possible to migrate everything (tables, indexes) from a unencrypted to encrypted tablespaces online i.e. while the database is being used (DML)?
View 3 Replies
View Related
Aug 29, 2013
Our Audit Company has given us a recommendation:"Old DB Link encrypted Passwords: The password of the Oracle databases links are encrypted using DES (password starts with 05). This encryption methord is known and users can decrypt the passwords using a simple SQL query. Please recreate the database links to use the new encryption method (password starts with 06)."What does it mean and how can we perform this recommendation?
View 2 Replies
View Related
Jul 19, 2012
I created a test table with 4 columns(id, first_name,last_name, salary-number ) and then alter table to encrypted salary column . everything is OK.
I insert values into test table. However, I still can see salary value by select SQL.
What is wrong?
my db is oracle 11.2.01 in 2008 SP window
newdba
View 7 Replies
View Related
Jan 9, 2012
Recently the Oracle10g database has been migrated to UTF8 character set and the following have failed.
1. The password applied is not getting encrypted and the password contains a spanish characters.
Getting the below error.
"10057:ERROR WHILE ENCRYPTING GIVEN STRING:String:Uñomasuño5.::ORA-28232: invalid input length for obfuscation toolkit:-28232:ORA-28232: invalid input length for obfuscation toolkit"
The algorithm used for encryption DES. I tried with DESENCRYPT , DES3ENCRPYT and MD5 and it failing.
View 5 Replies
View Related
Apr 26, 2013
Our client is having requirements that data should be encrypted through-out the process (from transaction level to backup level).
Requirements are as below -
1) Data should be encrypted and can be access only through application (through front end).
2) Even if pl/sql, sql installed, developer user cannot able to fetch data from database.
3) Even DBA, should not have access to fetch the data from the database.
4) Only assigned DBA, should fetch details from database (provided he/she should have details of database as well as application's user / password).
5) It should be restricted by ip and user details (such as ip of application server with user/password of user).
6) Changes should be purely done from database level only.
View 5 Replies
View Related
Jan 10, 2011
I would like to encode values in a column using SHA-2 (256 bit encryption). Does 10g support SHA-2 and if so how can i implement this?
View 2 Replies
View Related
Jan 22, 2013
I have created a wallet (11g R2 OEL 5.5) using the OWM.Tried opening the wallet (encryption_wallet_location set in sqlnet.ora). then while creating a table it said the master encryption key is not present. Have created the master key using the following command.
alter system set encryption key identified by "Password";
Here the strange thing i observed is that when we create a wallet using the OWM, it asks for the password and when i open the same wallet the master key is not created and it allows the master key to be generated with the same password that i have created the wallet in the first place with the OWM, with any other passwords it says that the wallet is not open.
After creating the wallet and creating the master key... I have the following questions, and its becoming quite hard to find the solutions as well.
1. Can we have multiple encryption keys... say i want to encrypt a table or column with one key and other with an another key.
2. How many keys can we have for objects in the table? or can we have only one key and many certificates.
3. wallet created, and encrypted tables present, the wallet is not in auto open mode, but somehow the database open after it is shutdown, here no encrypted tablespaces are present.
4. while creating an encrypted tablespace the default storage (encrypt ) has to be added to the add tablespace clause.
View 2 Replies
View Related
Nov 4, 2012
We have got a new requirement wherein, The customer wanted the DBA Vendor (US) NOT to access the confidential information (ALL Columns) in the DB tables of PRODUCTION database. This is for few applications to comply with with export control rules. The thin support by Customer DBA will be allowed to access the Data, if required .
1) Web Based Interface ?.
2) DB Encryption (But if we encrypt ALL columns Serious performance issue expected, File level will not restrict DB level access)
3) Special setting on DB (DBA to do only backup and restoration related work only - But cannot access data)
4) Standard Tools / Utilities / Others ??.
Technologies are Oracle ,SQL
View 3 Replies
View Related
Aug 18, 2010
I have a rather hard to trace problem which is keeping me up several days now. We want to implement a package for querying devices via SNMP in our database. There are no packages shipped with Oracle that come handy. UTL_TCP does not work because SNMP works via UDP. After all we came up with the idea to use URL.... Locally on my development machine and on the command line of the Oracle database our first prototype of the SNMP query function works very well, but inserted into the database all I'm getting is a "Request timed out". Firewall mechanisms can not be the problem because the java code runs smoothly on the command line and also a snmpwalk on the command line suceeds, so the database is not blocked by any firewall. First I thought some permission via Java are missing, but I took a look in the USER_JAVA_POLICY view and worked this with SYSDBA out. A java application in Oracle connection via TCP to port 80 and fetching a website works allright, the thing not working seems to be UDP.
View 3 Replies
View Related
Nov 29, 2010
i'm a student currently learning database administration security.
I need to create a tablespace for administration of database but i don't know what datafile settings are best suited for admin usage.
I have attached the schema that was given to me for this assignment.
View 12 Replies
View Related
May 8, 2013
Given facts:
rman is used to backup database A to disk
rman is used to put those disk backups to tape
rman is used to duplicate database A to database B on another host
the duplicate process worked fine before we started testing encryption
the duplicate process worked fine with database A having an encrypted column in one table in a non-encrypted tablespace
Now, database A has an encrypted tablespace with nothing currently in it. The duplicate process now ultimately fails with ORA-19913, unable to decrypt backup.
I am not using encrypted backups, not specifying encrypt or decrypt anywhere in the duplication process. The only thing that is encrypted is the one tablespace in database A. I have the same wallet files on Host A (database A) and Host B (database B). Wallets are open. So why does the duplication process fail because the backup cannot be decrypted?
View 8 Replies
View Related
Jul 23, 2013
while try to expdp on network drive. getting below error.how can we perform the expdp on network drive
Network location: \\tsclient\p\expdp
1.)SQL> show user
USER is "SYS"
SQL> create or replace directory exp as '\\tsclient\p\expdp';Directory created.
SQL>Grant read,write on directory exp to system;
2.)expdp system/xxxxx@orcl directory=exp dumpfile=EXP_orcl_072013.dmp logfile=EXP_72013_1.log schemas=('IIMS','CMMN')
Export: Release 11.2.0.2.0 - Production on Tue Jul 23 13:48:07 2013
Copyright © 1982, 2009, Oracle and/or its affiliates. All rights reserved.
Connected to: Oracle Database 11g Release 11.2.0.2.0 - 64bit Production
ORA-39002: invalid operation
ORA-39070: Unable to open the log file.
ORA-29283: invalid file operation
ORA-06512: at "SYS.UTL_FILE", line 536
ORA-29283: invalid file operation
View 2 Replies
View Related
Feb 7, 2007
I'm using Oracle10.0 as database for my project and I have installed Toad as front end tool for the Oracle. Now I want to access the database in the network using the Toad.
My question is, is it compulsory that oracle should be installed in every system to access Toad or any thing can I change in the server system to access the database from other systems in the Network.
View 1 Replies
View Related
