http://www.petefinnigan.com/weblog/entries PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. en-gb Copyright PeteFinnigan.com Ltd 2005, All rights reserved. All trademarks are the property of their respective owners and are hereby acknowledged 2009-06-28T02:47:36Z Pete Finnigan (mailto:webmaster\@petefinnigan.com) Pete Finnigan (mailto:pete\@petefinnigan.com) PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. Pete Finnigan's Oracle security weblog http://www.petefinnigan.com/images/company_logo_1.gif http://www.petefinnigan.com/weblog/entries http://www.petefinnigan.com/weblog/archives/00001251.htm <p> We are holding a public training event in my home city of York on July 13th and July 14th 2009. The two day seminar is aimed at getting anyone who needs to perform a security audit of an Oracle database....<a href="http://www.petefinnigan.com/weblog/archives/00001251.htm">[Read More]</a> </p> <p>Posted by Pete On 01/06/09 At 12:52 PM</p> http://www.petefinnigan.com/weblog/archives/00001250.htm <p> I have just uploaded the slides from two recent talks. I gave my Oracle security masterclass in Helsinki for the OUGF last week which went really well and also yesterday I gave my talk "the right way to secure a....<a href="http://www.petefinnigan.com/weblog/archives/00001250.htm">[Read More]</a> </p> <p>Posted by Pete On 21/05/09 At 05:10 PM</p> http://www.petefinnigan.com/weblog/archives/00001249.htm <p> A question was posted on the Oak table mailing list some time back asking if its possible to validate a users password from within the database without creating a session. One of the replies suggested looking at my PL/SQL based....<a href="http://www.petefinnigan.com/weblog/archives/00001249.htm">[Read More]</a> </p> <p>Posted by Pete On 11/05/09 At 02:28 PM</p> http://www.petefinnigan.com/weblog/archives/00001248.htm <p> I have just posted the slides to my recent talk ( The Right Method To Secure An Oracle Database ) at the UKOUG Northern Server technology day held in my home city of York to my Oracle security white papers....<a href="http://www.petefinnigan.com/weblog/archives/00001248.htm">[Read More]</a> </p> <p>Posted by Pete On 01/05/09 At 11:08 AM</p> http://www.petefinnigan.com/weblog/archives/00001247.htm <p> Oracle Corp. issued 43 fixes Tuesday as part of its quarterly Critical Patch Update, repairing flaws in its database management system, application server and application product lines. " Oracle issues 43 updates, fixes serious database flaws " Oracle's advisory is....<a href="http://www.petefinnigan.com/weblog/archives/00001247.htm">[Read More]</a> </p> <p>Posted by Pete On 15/04/09 At 05:57 PM</p> http://www.petefinnigan.com/weblog/archives/00001246.htm <p> I was asked by a colleague a couple of weeks ago if it was possible to create ENUM's in PL/SQL like its possible to create in languages such as C. The actual example the person emailed me is too business/market....<a href="http://www.petefinnigan.com/weblog/archives/00001246.htm">[Read More]</a> </p> <p>Posted by Pete On 14/04/09 At 03:40 PM</p> http://www.petefinnigan.com/weblog/archives/00001245.htm <p> I received a copy of Ron Ben Natan's new book " How To Secure and audit Oracle 10g and 11g " (The link is Amazon.co.uk because I am in the UK, you can find the book on Amazon.com from the....<a href="http://www.petefinnigan.com/weblog/archives/00001245.htm">[Read More]</a> </p> <p>Posted by Pete On 14/04/09 At 11:12 AM</p> http://www.petefinnigan.com/weblog/archives/00001244.htm <p> I am going to be in Edinburgh on April 21st and April 22nd to teach my popular two day class " How to perform a security audit of an Oracle database " with PiSec Limited. This class is great for....<a href="http://www.petefinnigan.com/weblog/archives/00001244.htm">[Read More]</a> </p> <p>Posted by Pete On 02/04/09 At 02:13 PM</p> http://www.petefinnigan.com/weblog/archives/00001243.htm <p> I have released a number of scripts to my site for creating heirarchical reports of privileges. These include find_all_privs.sql, who_has_priv.sql, who_can_access.sql, who_has_role.sql and check_parameter.sql. These are standalone sqlplus scripts. I was asked a week or so ago about whether these....<a href="http://www.petefinnigan.com/weblog/archives/00001243.htm">[Read More]</a> </p> <p>Posted by Pete On 01/04/09 At 12:25 PM</p>