Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
There are 57 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog

Home » Archives » April 2005 » An interesting post by Mark

[Previous entry: "Alex Kornbrust has a new paper on google hacking and Oracle"] [Next entry: "O'Reilly CodeZoo"]

An interesting post by Mark

April 9th, 2005 by Pete

I was browsing Orablogs this evening and saw an interesting post by Mark Rittman titled "Tom Kyte : "In Search Of The Truth"" mostly quoting from a post by Tom on his site titled "In Search of the Truth - Or Correlation Is Not The Same As Causation". I have skimmed through Toms post and mostly its about the ongoing discussion between him, Don, Mike and Jonathan.

I was particularly taken by Marks post though as he has pulled some great sections from Toms post that gives some good advice to anyone looking at Oracle and wanting to state some fact about it. Proof and testing is a great leveller (not always, though as the circumstances of the test case can matter) in understanding and also in stating advice on something. These sentiments can be applied to Oracle security, especially Oracle security. If you think something is insecure in the configuration of your database then test the scenario and prove the case to be insecure. I try to use example code whenever necessary in my writings as an example should always prove the case to be true or not and aid understanding.

Read Marks post and Toms as they give good advice to anyone wanting to test a theory (mostly the original posts made by Tom et al is to do with tuning but the sentiments are valid in any endeavour).

April 2005

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives

Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

Atom 0.3 FEED
Powered by gm-rss 2.0.0

Valid XHTML 1.0!