Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle and alert #68"] [Next entry: "Edward Stangler talks about running catpatch"]

James Morle's book is available as a free pdf

I just saw this evening that James has made his book available free when browsing to find his site to find his dbtop tool. dbtop is a Java tool that is similar in concept to the Unix top utility except that it finds the top Oracle database sessions instead. Anyway back to the story. I noticed a newsgroup posting that said James excellent book "Scaling Oracle8i: Building Highly Scalable OLTP System Architectures" is now available from his website as either a pdf or a HTML version. The pdf can be downloaded, copied distributed and even hosted on your own site. The HTML cannot be copied or hosted anywhere except James site and he has indicated that it will be updated from time to time. The pdf is available here and the HTML version here. It is released under the creative commons license.

The book is excellent and the 8i in the title should not be thought of as a concern as the book dates very well and most of the content is still very valid. It gives details of how to implement and design scalable and reliable OLTP Oracle systems. It talks about hardware, I/O, internals, benchmarking, monitoring, even a TCL based tool called dbaman that allows easy database programming to be done. The source code is included. It talks about Unix kernels, the Oracle virtual operating system interface.

I have a paper copy of this book that I found in Foyles in Charing Cross road in London a couple of years back. I have read it back then and it gives a fantastic insight into the workings of Oracle and how to build big performant systems. I like books like this, Jonathans is good also as they give you a good understanding of how Oracle really works. I like Oracle security as you know but I also like internals and undocumented trivia and info but I also like to know how oracle works. You cannot hope to secure Oracle properly unless you understand it properly! - This is why I wanted to talk about this book here, there are not many good books that let you understand how to build Oracle systems properly and this is one of them. If you want to secure Oracle, then you need to understand its use and how to build systems properly. Security often gets in the way of usability and performance, thatís why itís good to also understand Oracle if you are going to secure it.