Pete Finnigan's Oracle Security Weblog
This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.
[Previous entry: "SQL Injection Attack"] [Next entry: "Training, twitter, Oracle security products"]
David has released four new papers on Oracle security topics a few days ago. Two of the papers seem to be from his ill fated book on Oracle Forensics as they are labelled http://www.v3rity.com/OracleForensicsHowAttackersBreakIn.pdf - (broken lnik) chapter 3 - How attackers break in and http://www.v3rity.com/OracleForensicsPreventingBreakIns.pdf - (broken link) chapter 4 - Preventing break ins respectively but one is perhaps too short for a book.
The other two papers are on http://www.v3rity.com/OracleForensicsDataBlock.pdf - (broken link) Oracle data blocks and http://www.v3rity.com/OracleForensicsInvestigatingPLSQLInjection.pdf - (broken link) a forensic analysis of PL/SQL injection attacks in Oracle.
David has also released a new tool via his new company site V3rity which is free. The tool is a http://www.v3rity.com/v3rity_data_block_examiner_for_oracle.php - (broken lnik) Data block examiner for Oracle