Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan
PeteFinnigan.com's weblog is the only weblog dedicated to Oracle security.
Updated: 13 hours 57 min ago

Oracle Core Audit - Do you Audit your Core database engine for breach?

Sat, 2018-09-15 20:26
Oracles core database audit is a useful tool to monitor activity of the core database engine or applications and detect potential abuses. It seems to be a sad fact that with a lot of companies that i visit and from....[Read More]

Posted by Pete On 15/09/18 At 08:28 AM

Categories: Security Blogs

Oracle Security Training by Pete Finnigan in 2018

Thu, 2018-07-19 19:46
Are you worried about the data in your databases being stolen? GDPR has just become law across the EU and the UK and affects business in other countries that process EU citizens data. Maybe you store and process credit card....[Read More]

Posted by Pete On 19/07/18 At 02:04 PM

Categories: Security Blogs

Oracle Can Generate 6 Password Hashes When a User is Added or Password Changed in 12.1.0.2 and Above

Wed, 2018-06-13 22:46
In a 12.2.0.2 database it's possible that Oracle generates 6 different password hashes for one password for one user under certain circumstances when a password is changed or created (user is created). I will layout the 6 different ones first....[Read More]

Posted by Pete On 13/06/18 At 09:02 PM

Categories: Security Blogs

Need Help with Oracle Security GDPR Training and Services

Sun, 2018-06-10 02:46
I talked here a few days ago about GDPR in general and I also published my slides from my talk GDPR for the Oracle DBA . We have been helping clients secure data in their Oracle databases and training people....[Read More]

Posted by Pete On 09/06/18 At 04:33 PM

Categories: Security Blogs

Grants WITH GRANT

Thu, 2018-06-07 19:46
The ability to make grants on objects in the database such as tables, views, procedures or others such as SELECT, DELETE, EXECUTE and more is the cornerstone of giving other users or schemas granular access to objects. I say granular....[Read More]

Posted by Pete On 07/06/18 At 06:58 PM

Categories: Security Blogs

GDPR

Thu, 2018-06-07 01:26
I posted a couple of days ago my slides from the recent UKOUG Northern Technology day in Leeds where I spoke about GPPR for the Oracle DBA. I said then that i am also preparing a service line for helping....[Read More]

Posted by Pete On 06/06/18 At 03:10 PM

Categories: Security Blogs

GDPR for the Oracle DBA

Mon, 2018-06-04 18:26
I did a talk at the recent UKOUG Norther Technology Summit in Leeds, UK on May 16th. This talk was an enhanced version of the one i did at the UKOUG tech conference in Birmingham in December 2017 to a....[Read More]

Posted by Pete On 04/06/18 At 08:40 PM

Categories: Security Blogs

PeteFinnigan.com Limited Printed Oracle Security Training Manuals for Sale

Mon, 2018-06-04 00:06
Over the last year or so we have offered for sale left over printed manuals from some of our training courses. Normally we only print the manuals for classes that we organise for in person training such as the classes....[Read More]

Posted by Pete On 03/06/18 At 01:47 PM

Categories: Security Blogs

Oracle Security Training In York, UK, 2018

Sun, 2018-06-03 05:46
I have just updated our public training dates page to add two new dates for Oracle Security training classes that I will be running here in York, UK. We now have 4 dates covering three available classes. These are as....[Read More]

Posted by Pete On 02/06/18 At 06:54 PM

Categories: Security Blogs

Running Code as SYS From Another User not SYSDBA

Wed, 2018-05-23 13:06
I have been embroiled in a twitter thread today about the post i made in this blog yesterday around granting privileges to a user and who should do the granting. Patrick today asked a further question: How do you make....[Read More]

Posted by Pete On 22/05/18 At 08:42 PM

Categories: Security Blogs

Who Should Grant Object Rights?

Wed, 2018-05-23 13:06
Patrick Jolliffe posted a question via a tweet back in April but due to personal health pressures with a close relative of mine I have not had the time to deal with much over the last few months. I did....[Read More]

Posted by Pete On 21/05/18 At 07:08 PM

Categories: Security Blogs

Oracle 18c Security utl_file_dir and schema no authentication

Tue, 2018-05-08 06:26
I have managed to build an 18c database this weekend to test and learn on. I have not had a massive time to look into 18c yet but I will do over the coming days and weeks. The new features....[Read More]

Posted by Pete On 07/05/18 At 09:10 PM

Categories: Security Blogs

New Oracle Security Public Training Dates Available

Fri, 2018-04-13 19:46
Due to some very critical close family health issues in the last few months I have delayed advertising any public training dates this year for my Oracle Security classes as I have had to be available for family support during....[Read More]

Posted by Pete On 13/04/18 At 10:10 AM

Categories: Security Blogs

Training Class Manuals For Sale

Tue, 2018-03-06 14:26
I have previously offered spare printed training manuals last year for sale here and these were snapped up. I have just found one manual for my two day class - how to perform a security audit of an Oracle database....[Read More]

Posted by Pete On 06/03/18 At 02:51 PM

Categories: Security Blogs

Pete Finnigan Presented About Oracle Database Vault and Oracle Security

Fri, 2018-02-16 07:06
I have not added much here on my site for some time due to a serious health issue taking a lot of my time with a close family member. So please bear with me if you email or contact me....[Read More]

Posted by Pete On 15/02/18 At 08:44 PM

Categories: Security Blogs

Grant DBA to yourself - exploit or not?

Wed, 2017-10-11 10:26
Yesterday Peter from the Master of Disaster Blog sent me an email to ask if I had seen the issue in his post before and whether it was a new exploit. I looked at the post and immediately recognised that....[Read More]

Posted by Pete On 11/10/17 At 12:06 PM

Categories: Security Blogs

New Oracle Security book - Oracle Incident Response and Forensics

Tue, 2017-10-03 19:06
I have been quiet on here for a while due to a large workload and also in the last weeks writing a new book - Oracle Incident Response and Forensics" to be published by Apress. The book is complete as....[Read More]

Posted by Pete On 03/10/17 At 08:52 AM

Categories: Security Blogs

Oracle Security Training In York - October 30 - 31st 2017

Wed, 2017-09-06 07:06
I will be running my two day Oracle security training course - How to Perform a Security Audit of an Oracle Database - Here in my home city of York, UK on the 30th to 31st October 2017 this year....[Read More]

Posted by Pete On 06/09/17 At 09:33 AM

Categories: Security Blogs

get_tab2.sql - Free Tool to show Privileges on an Object Updated

Wed, 2017-08-30 10:06
I have a core set of PL/SQL scripts that I use when conducting Oracle security work on customer sites. Most of these are available on this website for many years. One of these is my script get_tab2.sql which shows grants....[Read More]

Posted by Pete On 30/08/17 At 12:11 PM

Categories: Security Blogs

What Are NULL pname entries in v$process?

Tue, 2017-08-29 15:46
I got a message on Linked In today from Jijo who asked why when he queries v$process are some of the PNAME column values NULL. I have a simple script vproc.sql that I use when analysing databases for many years....[Read More]

Posted by Pete On 29/08/17 At 02:35 PM

Categories: Security Blogs

Pages