Tuesday, December 28, 2004

Looking Forward To Oracle 10g Release 2

Mark rittman has an interesting weblog on the new 10- realease2 the features and what to expect. Definitely worth reading .

Looking Forward To Oracle 10g Release 2

Pete Finnigan's Oracle security weblog

An interesting aggregation by pete on what the vulnerabilities of Alert 68 Are . this makes it easy for every DBA to understand how to manage and if patching is ncessary or not.

Pete Finnigan's Oracle security weblog

Tuesday, December 14, 2004

Foreign Keys and Software engineering Concepts

While readin thru dbazine i came thr u with this very interesting post about software engineering tactics by Joe Celko
Its a three part article about basic real life design issues that software developers face.
It sort of answered what i wa slookign for in one of my projects
The article is titled Mop The floor and fix The Leak
its a 3 part article on where should stuff be done ,
In the Application , i the database or both.
Which does pose seom interesting issues.
As Software design Evolves . It is soemtimes hard to give policy decisions in these matters due the the evoloving nature of the rdbms.

How High Can You Go by Jonathan Lewis

This article by Jonathan was based on a discussion in hte oracle-l mailing list the qestion was what if any is oracle's limitation to the height of a btree index.
interesting article with interesting results.
How High Can You Go by Jonathan Lewis

DBAzine.com: the online portal for database issues and solutions

Orablogs has a reference to this wonderful article by Jonathan lewis . After reading thru the article it seems that 10g optimizer has some plusses . the minuses will only be known when application faithfully convert to 10g,
Its the old applications that are always the problem new applications can be tailedmade to the new version.
DBAzine.com: the online portal for database issues and solutions

Wednesday, December 08, 2004

So its finally here.
The Great announcement from openworld 10gr2 is really here .
The feature set is interesting and the fact that Oracle is focusing on security which is a key buzzword in the data marketspace with the HiIPAA and fair accounting proactices stuff.
It is yet to to be seen whatpotiiental the dbms_crypto package can bring. though i wasnt out there in openworld the online presentations did give an outlook of what is in store for us this next year.
Since 10g still isnt very big in the production market. people as usual will take a very cautious note as and when 10g r2 ships.
as a further note this blog also ellaborates a lot of the new features elaborated in this blog
Oracle Database 10g Release 2 keynote at Oracle Open World

Today at Open World one of the key notes was about the introduction of Oracle 10g Release 2. With Release 2 the main thrust is improving efficiency and reducing the cost of management. Its all about Grid computing and automation and self managing databases. What’s in it for us Oracle security aficionados?

Well the most direct points from the "Oracle database 10g Release 2: new feature highlights" document are the quotes to say 10g grid provides 24*7 data access whilst being secure. They don't go to say how the data is secure!, lots of 24*7, such as clusterware redundancy and higher availability, integrated tape backup and recovery (These facts are important for data security), fast failover and most interestingly integrated transparent data encryption and key management in the database. This helps to allow customers to protect their data seamlessly without changing applications - they say. This sounds a very interesting addition, one of which I am keep to get my hands on 10gR2 to test and run through its paces. Encryption of data in the database is an interesting problem. There are three main commercial players in this space - see the links on my Oracle Security Tools page. The fact that Oracle say they will support the handling of keys seamlessly in the database is very interesting. I for one would like to know more.

The backup and high availability functions and improvements are also key features for those interested in security. Backups and recovery processes and also high availability strategies should be a key part of any Oracle security policies and procedures.

One other key item of note in the note in the second page that Oracle are now proving statistics collection from the SGA directly from memory. This means that direct SGA access methods are being used. I have some links to papers written by Kyle Hailey and Miladin Modrakovic on my Oracle Internals page that readers may find very interesting to see how Oracle are doing this. I also talked about Direct SGA access in a couple of previous blog entries.

Posted by Pete On 08/12/04 At 10:40 PM


Sergio's Blog: Update from OpenWorld: HTML DB Going like Gangbusters

Html db is a new way to manage your personal intranet and misc stuff.
i'm currently testing this and hoping the new version makes stuff moer easier

Sergio's Blog: Update from OpenWorld: HTML DB Going like Gangbusters

Tuesday, November 16, 2004

Default passwords

This is a good list of stuff to check in your database since security is a buzzword these days it is important to know what one can secure
Pete Finnigan - Oracle and Oracle security information

Wednesday, November 10, 2004

Pete Finnigan - Oracle and Oracle security information

Information on setting up trace . ANice article by pete finnigan help alot when in trouble

Pete Finnigan - Oracle and Oracle security information: "extensively update to include more methods to set trace and also to explore the new ways to set trace in Oracle 10g for multi-tier client server applications
This short paper is not a polished white paper (so please do not expect lots of explanatory text) but is intended to be a good example to show the many ways to set Oracle trace in your own session "

Monday, November 08, 2004

9i Doc Set in Plucker Format for PDA"s Courtesy Rich jess

The entire 9i Doc set was too heavy (big, slow, unneeded stuff) for me =
to use. I have converted a 9MB subset of the 9.0.1 docs to Plucker =
format for viewing on Palm (and perhaps PocketPC?). Biju Thomas has =
graciously been hosting it at:

http://www.bijoos.com/oracle/rjesse/

REMOTE_OS_AUTHENT Oracle Exploit

http://www.cybcon.com/~jkstill/remote_os_authent_exploit.doc

Tuesday, November 02, 2004

Ask Tom

Ask tom A Very Well done and informative place to go to to find or ask questions.
this page lists his presentations and Some utilities

Monday, November 01, 2004

Sox Poll results

ANy Organizational DBA who is dealing with Sox Needs to read this
"
Many dba's are going through
this hassle in various forms and some are being regretfully emasculated to
having squat for privileges... And I am not sure want to broadcast it"

FreeLists / oracle-l / RE: Sox Poll results

Wednesday, October 27, 2004

Virtual Indexes in Oracle

Virtual Indexes in Oracle

Pete Finnigan's Oracle security weblog

Pete Finnigans Security Weblog . A Nice place to keep track of all Security Stuff for Oracle .
I find it very interestign that the fact that oracle is trying to getinto the monthyl security rollout Schedule ( The second installment of which hasnt been released yet ) Sites like pete's and Oracle-l can help demystify a lot of issues and gain first hand knowledge of what people are experiencing .

Pete Finnigan's Oracle security weblog

That was then, this is now

Jonathan Lewis Talks ABout the Old and the New the Way it was Before and the Way it is Now. How to live with CHANGES.
That was then, this is now

Oracle Myth Busters

The Actual post by Don Burleson which has a lot about myths.
Inside RAC Global Block Management, Part 3 by Don Burleson

Circular References (JL Comp)

Jonathan lewis Says it best here. A very true and insightful article .
Circular References (JL Comp)

Google Search