Auditing an Oracle database for security issues is very important. provides all of the information and tools that you will need Click here for details of Limited's detailed Oracle database security audit service Click here for details of Limited's Oracle Security Training Courses
There are 51 visitors online    
Cookie Policy:We only use essential cookies on small sections of this website. For details see here.

Pete Finnigan's Oracle security weblog

Home » Archives » May 2006 » An excellent post by Lucas about object chnages and RSS feeds

[Previous entry: "The hacker resistant database"] [Next entry: "The Patch Impasse: Front line perspectives from enterprise IT"]

An excellent post by Lucas about object chnages and RSS feeds

May 22nd, 2006 by Pete

This is like heaven for me, a post about my favourite subjects together. I obviously mean Oracle security in the sense of object changes and I also mean the discussion of RSS feeds. I am also interested by website development and RSS, XML-RPC amongst othre things. I have just last week set up a perl script to automatically ping weblog directories from Greymatter.

Lucas has posted a very interesting paper on the Amis blog titled "Publishing Data Manipulation as an RSS Feed - using Oracle MOD_PLSQL and Flashback" that describes how the Oracle HTTP server, mod_plsql and PL/SQL can be used to generate an RSS feed of changes that have occured in the database.

This is quite an interesting idea and one that sounds quite useful to get the data where it is needed quickly. Having alerts sent straight to a newsreader is a good idea in principle. There are issues of course such as the need to have a HTTP server in the database and the security of the feed itself in terms of data leakage and also potential for alteration.

I talked about a similar subject when i worked at Pentest, that is the useof timestamps to detect changes in database structure. The paper was called "Have your objects been tampered with?"

May 2006

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

Weblog Home
Weblog Archives

Oracle Security Tools page
Oracle security papers
Oracle Security alerts

Web Development
SQL Server Security

Atom 0.3 FEED
Powered by gm-rss 2.0.0

Valid XHTML 1.0!