Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle Security WebSite Woes!"] [Next entry: "Credit Card Security and Passport Security"]

Oracle Security Posts And Conferences

The latter part of the title of this blog post first!. I submitted a couple of entries for the up-coming UKOUG Oracle conference this year; I hope that they will be accepted. The Judging process is on going now. The conference is moving this year to Manchester from its normal home of the ICC in Birmingham so it will be good to be in a new venue. I volunteered for the abstract judging as I normally do and the thing that struck me this year is that there is a good number of talks submitted on Oracle security so it should be a good conference; excellent!

The second part of this short blog is that whilst looking at the broken web site earlier this week Marcel-Jan sent me an email to let me know that he could not access a forum post that he had made recently titled "oracle-enum-users doesn’t work on Nmap 6.25" that he could not longer access. This was due to my webserver file system telling itself that it was read only; an aspect of the disk issues we were having. In Marcel-Jan's post he referenced his blog and I made a note to mention it here. Marcel-Jans Oracle Blog is excellent and includes a number of posts around Oracle security, these include:

1) discussing nmap against the Oracle listener
2) the subject of Marcel-Jans post on my forum which was that the oracle-enum-users didnt workin his testing for an upcoming talk,
3) hacking Oracle as a way to learn why you need to secure it
4) Public database links are a problem
5) creating Oracle database honey pots
6) auditing the listener
7) a good discussion of worms and Oracle

and many more, head over to Marcel-Jans Oracle blog for more details.