Category Archives: infosec

Oracle 23c, improved error messages #quicktip

#Old Error Message #New Error Message Well, that makes it easier. I believe this will help people new to writing sql, I remember quite well when I was first learning, I would struggle understanding the error messages.

Posted in infosec | Leave a comment

Oracle 23c #dual table #quicktip

We’ve been using the dual table to return information on functions for longer than I care to think about. Now, in 23c you don’t need to include “from dual” in your code.

Posted in infosec | Leave a comment

Connect #sqlcl to #oci Autonomous database #quicktip.

I love working from the command line. Now, don’t get me wrong, I spend quite a bit of time in #sqldeveloper and love it. Quite a few of my scripts reside on my laptop where I can use my editor … Continue reading

Posted in infosec | Leave a comment

Roles, Roles, Roles, what should you grant. DB_DEVELOPER_ROLE

When you have developers, sometimes it’s challenging to determine just what roles they need. If you’re not careful, you’ll over privilege an account and just as anoying you may wind up under privilege an account and need to go back … Continue reading

Posted in infosec | Leave a comment

Getting histograms of data

When coming into a new environment and trying to learn a bit about the data my customer has; one of the tools I use is to grab histograms of key data. Now in sqlcl and sql developer you have the … Continue reading

Posted in infosec | Leave a comment

Oracle 23c Improved and More Secure Local Auto-Login Wallets

There has been something that’s bothered me for a long time, Oracle 23c addresses it. In the old days, a database could be copied over to another machine along with it’s auto-login wallet; and the auto-login wallet would work. In … Continue reading

Posted in infosec | Leave a comment

Grey Beards #7 with Cary Millsap

Posted in infosec | Leave a comment

Oracle 23c, if exists and if not exists.

In the old days before Oracle 23c, you had two options when creating build scripts. 1) Take the error message such as ORA-00942 Table or View does not exists, or you could write pl/sql and trap the error like this. … Continue reading

Posted in infosec | Leave a comment

Oracle 23c Schema privileges

In Oracle 23c we can now grant privileges on a schema to a user. Now, in previous versions of Oracle, you never wanted to grant with the “ANY” clause; however, now we can just apply that to a schema. In … Continue reading

Posted in infosec | Leave a comment

Gray Beards #3 with #Oracle ACE Director, Jim “the why guy” Czuprynski.

Posted in infosec | Leave a comment

Gray Beards #2, we’re chatting with #Oracle ACE Director Craig Shallahamer.

“Welcome to Grey Beards #2 with Oracle ACE Director Craig Shallahamer, where we delve into the exciting world of Oracle technology and beyond! In this episode, we’re discussing the back story behind the sale of OraPub to Viscocity, the impact … Continue reading

Posted in infosec | Leave a comment

Why do I keep seeing this problem with Transparent Data Encryption? Performance issues.

There are days when I honestly want to hang up my spurs and retire. To be honest, the problem is not with TDE; it’s with some people not understanding how TDE works. There are a couple ways you can implement … Continue reading

Posted in infosec | Leave a comment

Oracle 23c Free Developers edition is now here.

We’ve come a long way from 10g XE to 23c Free Developers edition. Oracle 23c Free Developers Release

Posted in infosec | Leave a comment

Gray Beards #2 with Oracle ACE Director Craig Shallahamer.

Posted in infosec | Leave a comment

Tech layoffs are here, what can you do to protect yourself?

Roger Cormejo and I discuss tactics you can use to protect yourself and make yourself relevant.

Posted in infosec | Leave a comment

Oracle Machine Learning Scratchpad new feature.

I’ve been working learning Oracle Machine Learning and noticed a new feature this morning. You now have the ability to run R scripts in scratchpad.

Posted in infosec | Leave a comment

Oracle Audit Vault Database Firewall 20.7 Adds TLS support

Here we’re just discussing Database Firewall! Oracle AVDF 20.7 now supports TLS. Here I’m using TLS Conn 1 and TLS Conn 2 to represent two distint TLS connections. For database firewall to use this, the traffic must be decrypted at … Continue reading

Posted in infosec | Tagged , , , , , , | Leave a comment

Connect #sqlcl to your cloud database. #quicktip

Dude, it’s easy! Download the wallet. I will rename the zip file to something that makes sense to me. In this case avdf_test_db.zip (that’s because I’m using this database to test Audit Vault Database Firewall. See, it makes sense! startup … Continue reading

Posted in infosec | Tagged , , , , , | Leave a comment

Data spillage #quicktip

Statistics data is stored in the sysaux tablespace, if you’re not using full database encryption, then you have unencrypted data. In OCI, this is encrypted by default.

Posted in infosec | Tagged , , , , | Leave a comment

Oracle datapump prevent spillage #quiktip

If you use datapump to get an export of your database, then please encrypt your exports. Even if you’re using TDE, this spillage can happen. To fix this, use the encryption parameter on the command line. This will prevent data … Continue reading

Posted in infosec | Leave a comment

PL/SQL Granting Roles to Packages #Quicktip

–As a user with create role privileges and the ability to grant — the required privileges to the role. ie: DBA conn rob_dba@demo create role <role>; grant <privilege> on <object owner>.<object name> to <role>; grant <role> to <package owner> with … Continue reading

Posted in infosec | Leave a comment

After your migration to OCI, #quicktip

After migrating your database to OCI; if you don’t need the data anymore on your local system(s), you should do a secure delete on all your local datafiles. If you are going to need the data again, then move the … Continue reading

Posted in infosec | Leave a comment

Password problems.

Do you see the problem with the following code fragment?c##sec_admin > administer key management set keystore open identified by SecretPassword; If your network is not encrypted, your password will be sent in the clear. This is part of the huge advantage … Continue reading

Posted in infosec | Leave a comment

Oracle Database Baseline Security Standards

Ya’ know, it’d be really nice if someone put together some baseline security standards for the Oracle database. Well, you can find those is a couple of places. These tools checklist are free to use. Now, I’m partial to the … Continue reading

Posted in infosec | Leave a comment

Oracle Audit Vault / Database Firewall (AVDF) 20.7 and Sensitive data discovery.

Oracle AFDF can track the usage of sensitive data in your database, this includes, who can access, who has made changes, and access by privileged users. Improving your ability to keep an eye on what is happening with sensitive data. … Continue reading

Posted in infosec | Leave a comment