2 min listen
ratings:
Length:
3 minutes
Released:
Jan 18, 2021
Format:
Podcast episode
Description
Years ago I got a call to help someone with a database. I walked over to their desk (when this was possible) and sat down. They asked me how they could get into a database they had been told about. I quickly realized this was an Oracle database and asked for credentials for SQL*Plus. This person didn't have any, but I was able to log in with SYSTEM and MANAGER. This was a small department system of some sort, but it always struck me that the default credentials were available. Since then, every time I've encountered an Oracle database, I've tried those credentials. I've been amazed how often they worked, even for production systems. Recently there was a report that the Nissan corporation had some of their source code leaked. While I would prefer that the code running inside cars was open and widely examined, I was more dismayed that the leak was from an internal Git server with default credentials. Maybe even worse is the defaults are admin and admin, something that might not be hard to guess. Read the rest of Default Credentials
Released:
Jan 18, 2021
Format:
Podcast episode
Titles in the series (89)
Advice for Newcomers: A friend recently was asked to give a presentation on their career to a group of 12 year olds. It was a challenge to engage the students, and my friend was surprised that very few of the kids were interested in technology. I was disappointed as well... by Voice of the DBA