Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Google hacking is on the up!"] [Next entry: "A repository of security papers - SecurityDocs.com"]

Yong Huang's web site is excellent



I have known about Yong Huang's web site for some time now as we have exchanged emails in the past on internals and undocumented details. Yong is a great guy who knows a lot about Oracle. He has a great web site dedicated to (mostly) Oracle information, articles, tips and newsgroup postings he has made. I was searching for a piece of information last night for the SANS Oracle security training course I am working on and saw a link to Yong’s site and I opened the page in a window to remind me to take a good look again and see what has been added and changed.

Yong's site, well the Oracle pages are superb. His homepage also details some of his other interests. Yong started out as a PhD graduate and became an Oracle DBA in 1999 and his previous experience was as a web programmer. The site contains details on this.

I will return to Yong’s site in future blog posts as there is a huge amount of content, some internals, some undocumented stuff and also some Oracle security information / bugs etc. I want to talk about some of the individual pages again later. I have already three links for quite a long time to Yongs site on my Oracle Security white papers page. These are to Yong’s Oracle Idiosyncrasies page, his Oracle Executables page and his Speculation of X$ Table Names page. These pages include some great research into Oracle internals. Yongs Oracle page first includes a section of freeware that includes pstats for Windows, pio and topio for Solaris and Windows and Windows oerr for Oracle. His Oracle database section includes Q&A tips, Oracle idiosyncrasies, an under construction section that includes investigations into tracing Oracle processes on Windows and Unix. Pages on Miscellaneous Oracle Notes, X$ tables, Oracle binaries, Oracle and Perl and much much more. Yong also has a miscellaneous section and a web programming section.

This is a great site for a browse and worth taking a look. I will talk again in later posts about some of Yong’s findings.