Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
There are 54 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog

Home » Archives » December 2004 » Amis blog talks about SQuirrel - an open source database tool

[Previous entry: "Frank has a nice post about improvements to web application security"] [Next entry: " newsletter will be re-launched soon"]

Amis blog talks about SQuirrel - an open source database tool

December 15th, 2004 by Pete

I saw last week some time an entry in the Amis blog written by Alex Nuijten entitled "Oracle Open Source : SQuirrel" - As I am always interested in tools, debuggers, compilers, internals and the like I took a look at this entry.

In the world of Oracle security you cannot simply focus on parameter settings and privileges granted and default users passwords you need to understand the technology, how it works, how itís installed and also how to delve deeper into it and finally how to efficiently access the database structures and data. To perform Oracle security audits I use a set of custom written SQL and PL/SQL and shell scripts that gather a huge amount of data about the database, the operating system, the software installation and networking applied to Oracle. These scripts give me a good overview of the security state of a database and its accompanied software installation.

Even though I use command line tools almost exclusively I also need to do manual checks and analysis based on what my scripts gather in the first sweep. I am therefore always interested in any tools to analyse the database particularly free ones like this.

This tool is written in Java and allows browsing of database structure, users, privileges etc. Its not as sophisticated as TOAD but then again its free and has ongoing development so could undoubtedly catch up. The SQuirrel too is available here.

December 2004

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives

Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

Atom 0.3 FEED
Powered by gm-rss 2.0.0

Valid XHTML 1.0!