3

I have recently dumped the network traffic from my application server that talks to my Oracle database server.

I configured the Oracle DB server to encrypt the data using TLSv1.2 when sending over the network, but as you can see in the screenshot below, the "connection descriptor" from the TNS packets are still visible in plain text:

OracleDB network traffic

As you can see, the text in red rectangle shows the connection description in plain text, while the green rectangle shows the encrypted data which is fine.

My concern is that the username and the DB name are disclosed in the network traffic. So is it possible to encrypt the connection descriptor also?

Improve this question
3
  • 3
    I don't know for sure, but I suspect you'll get a better response if you ask the mods to move this to the dba.stackexchange.com site where you'll find database administrators Commented Aug 25 at 13:30
  • TLS typically involves a negotiation between the server software (in this case an Oracle database) and the client software. This usually requires configuring both the server software and the client software to request and negotiate a TLS encrypted connection. You mentioned changing the configuration for the server software, but did the client software also receive an update to its configuration? Commented Aug 25 at 13:51
  • I'm no expert, but: It would probably also help which one of the three scenarios listed in docs.oracle.com/cd/E26401_01/doc.122/e22952/… you're in (or whether it is any). Commented Aug 25 at 16:30

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.