Pete Finnigan pete\ Copyright Ltd 2005, All rights reserved. All trademarks are the property of their respective owners and are hereby acknowledged,2024-02-19:%2Fweblog%2Farchives%2F00001562.htm Pete Finnigan pete\ How do you know how secure your Oracle databases are? How secure should your Oracle databases be? These are interesting questions that we will cover in this three part post. This first part is going to cover the high level....<a href="">[Read More]</a> <p>Posted by Pete On 19/02/24 At 01:43 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z How to Secure all of Your Oracle Databases - Part 1,2024-02-19:%2Fweblog%2Farchives%2F00001561.htm Pete Finnigan pete\ My company Limited is 21 years old today!! It seems that time has gone so fast. When I started the company my oldest son was a baby and now he is almost 22 years old and works here in....<a href="">[Read More]</a> <p>Posted by Pete On 12/02/24 At 11:28 AM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Happy 21st Birthday to Limited,2024-02-19:%2Fweblog%2Farchives%2F00001560.htm Pete Finnigan pete\ I have liked APEX for many years and been involved in auditing and securing Oracle databases that include APEX for many years. What surprises me sometimes is that those deploying and developing an APEX application treat it like a box....<a href="">[Read More]</a> <p>Posted by Pete On 29/01/24 At 03:35 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Securing APEX,2024-02-19:%2Fweblog%2Farchives%2F00001559.htm Pete Finnigan pete\ I have investigated a number of possible and later proved data breaches in Oracle databases over the years and more recently just before Christmas I was doing the same again for a client. I cannot talk about any specifics of....<a href="">[Read More]</a> <p>Posted by Pete On 23/01/24 At 02:35 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Investigate an Oracle Database Breach,2024-02-19:%2Fweblog%2Farchives%2F00001558.htm Pete Finnigan pete\ It has been a while since my last blog on the 29th December on the ACCESSIBLEBY Clause in PL/SQL . We had a well earned break after the New Year and myself, my wife and my youngest son visited New....<a href="">[Read More]</a> <p>Posted by Pete On 17/01/24 At 03:50 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Happy New Year for 2024,2024-02-19:%2Fweblog%2Farchives%2F00001557.htm Pete Finnigan pete\ Over many years I have advocated using security in PL/SQL that checks that a caller is coming from the right place. For many years we have been able to do this with the call stack and test on our PL/SQL....<a href="">[Read More]</a> <p>Posted by Pete On 29/12/23 At 03:14 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z ACCESSIBLE BY Clause in PL/SQL,2024-02-19:%2Fweblog%2Farchives%2F00001556.htm Pete Finnigan pete\ If you look at the permissions in the database that are possible for a PL/SQL procedure then it looks, at first site to be a little odd. Lets see the possible permissions for PL/SQL (Procedure) SQL> select * from system_privilege_map....<a href="">[Read More]</a> <p>Posted by Pete On 28/12/23 At 10:05 AM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Oracle Permissions and Statements or Actions,2024-02-19:%2Fweblog%2Farchives%2F00001555.htm Pete Finnigan pete\ As part of any security audit we want to test the security or strength of passwords as well as any password management settings. We test database passwords of course with PL/SQL crackers and also C based crackers. We test RAS....<a href="">[Read More]</a> <p>Posted by Pete On 22/12/23 At 12:53 PM</p> 2024-02-19T13:45:13Z 2024-02-19T13:45:13Z Cracking APEX Passwords XML::Atom::SimpleFeed 2024-02-19T13:45:13Z's weblog is the only weblog dedicated to Oracle security. Pete Finnigan's Oracle security weblog