http://www.petefinnigan.com/weblog/entries PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. en-gb Copyright PeteFinnigan.com Ltd 2005, All rights reserved. All trademarks are the property of their respective owners and are hereby acknowledged 2013-05-07T16:23:17Z Pete Finnigan (mailto:webmaster\@petefinnigan.com) Pete Finnigan (mailto:pete\@petefinnigan.com) PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security. Pete Finnigan's Oracle security weblog http://www.petefinnigan.com/images/company_logo_1.gif http://www.petefinnigan.com/weblog/entries http://www.petefinnigan.com/weblog/archives/00001360.htm <p> I wrote a new presentation last year on secure coding with PL/SQL and presented it twice; once at a SIG in London and once in Oracles office in Edinburgh. This is a really interesting subject for me as i have....<a href="http://www.petefinnigan.com/weblog/archives/00001360.htm">[Read More]</a> </p> <p>Posted by Pete On 14/01/13 At 07:43 PM</p> http://www.petefinnigan.com/weblog/archives/00001359.htm <p> This post if not specifically about Oracle Security but I got here because of Oracle security so i am going to talk about Oracle security first...:-) I am working this morning on a proof of concept code for a security....<a href="http://www.petefinnigan.com/weblog/archives/00001359.htm">[Read More]</a> </p> <p>Posted by Pete On 06/09/12 At 11:38 AM</p> http://www.petefinnigan.com/weblog/archives/00001358.htm <p> OK, its not Oracle database security but its big news and it is from Oracle. Oracle have recently released an out of band Java security patch which supposedly fixed serious security flaws; then a few days ago the guys at....<a href="http://www.petefinnigan.com/weblog/archives/00001358.htm">[Read More]</a> </p> <p>Posted by Pete On 05/09/12 At 12:11 PM</p> http://www.petefinnigan.com/weblog/archives/00001357.htm <p> I am going to be doing three sessions at the UKOUG conference this December in Birmingham. I am going to be chairing the Oracle Security Round table on the 4th December. I am also writing three new presentations; two for....<a href="http://www.petefinnigan.com/weblog/archives/00001357.htm">[Read More]</a> </p> <p>Posted by Pete On 04/09/12 At 02:44 PM</p> http://www.petefinnigan.com/weblog/archives/00001356.htm <p> The paper " Identifying Yourself in the Oracle Database " is available as a pdf to download from my Oracle security white papers page . This is new paper in terms of it has not been posted to my site....<a href="http://www.petefinnigan.com/weblog/archives/00001356.htm">[Read More]</a> </p> <p>Posted by Pete On 03/09/12 At 08:11 PM</p> http://www.petefinnigan.com/weblog/archives/00001355.htm <p> It has been a long while since my last blog post. I have been very busy with Oracle security consulting, data security audits, teaching training courses and of course with my companies Database Security Scanner - PFCLScan . Oracle security....<a href="http://www.petefinnigan.com/weblog/archives/00001355.htm">[Read More]</a> </p> <p>Posted by Pete On 20/06/12 At 02:23 PM</p> http://www.petefinnigan.com/weblog/archives/00001354.htm <p> I am going to be teaching by two day Oracle security training course in Berlin on March 6th and 7th 2012 for DOAG - the German Oracle users group. You can find details of the course and also register to....<a href="http://www.petefinnigan.com/weblog/archives/00001354.htm">[Read More]</a> </p> <p>Posted by Pete On 13/02/12 At 11:57 AM</p> http://www.petefinnigan.com/weblog/archives/00001353.htm <p> Alex commented on my post about " oradebug " about the select statement on x$ksmfsv which holds a list of all fixed variables amongst other things and joined it to x$ksmmem to get the absolute address in the SGA to....<a href="http://www.petefinnigan.com/weblog/archives/00001353.htm">[Read More]</a> </p> <p>Posted by Pete On 21/09/11 At 07:26 PM</p> http://www.petefinnigan.com/weblog/archives/00001352.htm <p> Laszlo has published his slides from Hacktivity in Budapest last weekend where he shows how the Oracle undocumented oradebug command can be used to exploit the database; covering turning off authentication, turning off audit and more. His slides are here....<a href="http://www.petefinnigan.com/weblog/archives/00001352.htm">[Read More]</a> </p> <p>Posted by Pete On 21/09/11 At 12:54 PM</p>