Using OAS network encryption for securing data in motion
Oracle has built-in network encryption methods in its Oracle Advanced Security pack. The main advantage of using OAS encryption instead of other encryption methods is its ability to integrate and work with other Oracle security products such as Oracle Database Firewall and third-party products provided by other vendors such as IBM (InfoSphere Guardium), Imperva, and others. As a disadvantage, being a separate pack, it is expensive and requires licensing.
In case that you use unencrypted network communication, all the data flow from server to client will be sent in clear text. The only exception is the password which is sent in encrypted form during authentication. Packet interception becomes a trivial task if the attacker is located at the right place on the network and the data is transmitted unencrypted. In this recipe we will sniff and analyze the data in flight between nodeorcl5 and nodeorcl1 using Winshark. We will capture the...
