Flat text based security issue
From: Tim P. (tplaswirth@hotmail.com)
Date: 10/15/02
- Next message: Stephen P. Culhane: "Re: Server Certificate wizard won't start"
- Previous message: Chris: "Re: Blocking an IP address either on server or in IIS 5.0"
- Next in thread: Ken Schaefer: "Re: Flat text based security issue"
- Reply: Ken Schaefer: "Re: Flat text based security issue"
- Reply: Thomas Deml [MS]: "Re: Flat text based security issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tim P." <tplaswirth@hotmail.com> Date: Tue, 15 Oct 2002 12:58:05 -0700
Hello all,
I have a third party site built for my company. With this
is a third party program that communicates via ODBC to our
Oracle dB. Thus data passes back and forth. I have my
IIS server out in our DMZ where it belongs. But I had to
shut it down to work on this one issue.
I have a flat text file that contains some settings for
the Oracle connectivity. In this file contains the ID and
Password for our production Oracle server. I can't
believe this company wrote that without any encryption.
Well alas, the business unit wants it working. Yet they
are giving me time to work out my security woes. Can
anyone assist me with any ideas? I have tried obscurity
but that does not work. I changed the file name and put
it in another folder. But if you view the source of the
website it will give you that path no matter what.
Again any help is greatly appreciated!
Thanks in advance,
Tim
- Next message: Stephen P. Culhane: "Re: Server Certificate wizard won't start"
- Previous message: Chris: "Re: Blocking an IP address either on server or in IIS 5.0"
- Next in thread: Ken Schaefer: "Re: Flat text based security issue"
- Reply: Ken Schaefer: "Re: Flat text based security issue"
- Reply: Thomas Deml [MS]: "Re: Flat text based security issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
