Pete Finnigan

Subscribe to Pete Finnigan feed Pete Finnigan's weblog is the only weblog dedicated to Oracle security.
Updated: 15 hours 3 min ago

Oracle 12cR2 Security - Listener Port

Mon, 2017-05-01 19:26
I downloaded Oracle 12cR2 from Oracle when it became available in March and installed a legacy SE2 database and also a single PDB multitenant database and started some investigations to discover and look at the new security features added in....[Read More]

Posted by Pete On 01/05/17 At 01:03 PM

Categories: Security Blogs

New Online Oracle Security PUBLIC Training Dates Including USA Time Zones

Wed, 2017-04-12 17:26
We have just agreed three new online classes to be taught in June and July. These are for my two day class How to perform a security audit of an Oracle database. The classes are two day events and will....[Read More]

Posted by Pete On 12/04/17 At 02:17 PM

Categories: Security Blogs In The Top 60 Oracle Database Blogs

Tue, 2017-04-11 04:46
I got a couple of emails over the last couple of weeks from Anuj at FeedSpot to tell me that my blog (This Oracle Security blog) has been listed in the top 60 Oracle Database blogs on the Feedspot website....[Read More]

Posted by Pete On 11/04/17 At 09:37 AM

Categories: Security Blogs

Oracle Security Training Manuals For Sale

Wed, 2017-04-05 20:26
I had a reason today to go to our company storage for something today and whilst moving other things around to find what I needed I discovered two A4 boxes with printed manuals for some of our recent training classes....[Read More]

Posted by Pete On 05/04/17 At 02:22 PM

Categories: Security Blogs

How to Perform a Security Audit of an Oracle Database Training in Athens, Greece

Wed, 2017-04-05 02:06
I will be teaching my two days class How to Perform a Security Audit of an Oracle Database in Athens, Greece on May 16th and 17th 2017 organised by Oracle University. This is a great class that helps you understand....[Read More]

Posted by Pete On 04/04/17 At 02:45 PM

Categories: Security Blogs

Is SQL Injection A WebSite Problem?

Fri, 2017-03-31 12:06
I saw a post on RobLockards Facebook page this week where he said some people have suggested that his SQL Injection talk only shows calling a procedure from SQLCl and not a web page and he suggests that he may....[Read More]

Posted by Pete On 31/03/17 At 03:38 PM

Categories: Security Blogs

Can You Say That An Oracle Database is nn% secure?

Thu, 2017-03-23 21:26
I often get this type of question from customers and also from people I speak to and even a few times by email. The question is "can you tell us how secure our database is?", is it 10% secure, is....[Read More]

Posted by Pete On 23/03/17 At 03:22 PM

Categories: Security Blogs

PFCLScan - A Security Scanner For Oracle Databases - New Website

Thu, 2017-03-23 03:06
Our software product PFCLScan can be used to assess your Oracle databases for security issues that could make your data vulnerable to loss or attack. PFCLScan initially had its own website, but since the restyle and redesign of our....[Read More]

Posted by Pete On 22/03/17 At 08:24 PM

Categories: Security Blogs

Validating The Length Of An Oracle Database Hashed password?

Thu, 2017-03-16 06:06
Q: Can I validate the length of a password in the Oracle database from the password hash? I have been asked this question a number of times over the years. Even someone emailed me to confirm the answer to this....[Read More]

Posted by Pete On 15/03/17 At 07:52 PM

Categories: Security Blogs

Default Password Hashes for 11g Oracle Database

Tue, 2017-03-14 17:26
I often get Oracle Security related questions from people randomly sent to my inbox or occasionally on Social media and less on on this sites forum. I get questions on average probably 4 times per week in these ways. I....[Read More]

Posted by Pete On 14/03/17 At 06:16 PM

Categories: Security Blogs

12.2 is Available For Download For Linux And Solaris

Thu, 2017-03-02 11:06
The Oracle database 12.2 has been available on the cloud for some time but it has not been available for download so that you can install it on your own servers or virtual Machines. You can download from OTN or....[Read More]

Posted by Pete On 02/03/17 At 09:10 AM

Categories: Security Blogs

Delete from AUD$

Tue, 2017-02-28 22:26
We have been working on a new audit trail toolkit / product for some time now which is called PFCLATK - The PFCL means "P"ete"F"innigan."C"om "L"imited so most of our tools products end up with a consistent name starting PFCL....[Read More]

Posted by Pete On 28/02/17 At 01:06 PM

Categories: Security Blogs

Fourteenth Anniversary For Limited And New Website

Thu, 2017-02-23 14:26
Wow, has it really been fourteen years since I started Limited? - Time has gone so fast and business is getting better and better. We have great customers, great Oracle Security trainings and consulting projects meeting new people and....[Read More]

Posted by Pete On 23/02/17 At 06:33 PM

Categories: Security Blogs

Two New Oracle Security Public Class Dates

Thu, 2017-01-12 15:26

I will be teaching two of my Oracle Security classes with Oracle University soon. The first is my class "Securing and Locking Down Oracle Databases". This class will be taught on the 24th January on-line via the Oracle LVC platform....[Read More]

Posted by Pete On 12/01/17 At 02:47 PM

Categories: Security Blogs

Oracle Security And Merry Xmas And A Happy New Year

Fri, 2016-12-16 21:46

I want to wish all readers of my site and this blog a very happy Christmas and a very prosperous New Year!! It has been some time since my last blog post; that's because we have been incredibly busy on....[Read More]

Posted by Pete On 16/12/16 At 08:54 PM

Categories: Security Blogs

Data Loss

Thu, 2016-09-01 01:26

Quite obviously (well its obvious to me!) one of the areas I am very interested in is data loss / data theft / data security and of course specifically Oracle security. We spend a lot of time looking at customers....[Read More]

Posted by Pete On 31/08/16 At 08:17 PM

Categories: Security Blogs

Oracle Security Training

Mon, 2016-08-22 21:46

We provide expert Oracle Security training classes world wide to many customers privately and also at public events; either as in person classes where the instructor travels to you or via webex where the instructor teaches the classes remotely. We....[Read More]

Posted by Pete On 22/08/16 At 03:52 PM

Categories: Security Blogs

Data Exposure, leakage and Reporting

Wed, 2016-08-10 16:46

I have had an interesting few interactions over the last week or so regarding data supposedly leaked from my website. This is interesting from two perspectives. The first is that three people emailed me and told me that my website....[Read More]

Posted by Pete On 10/08/16 At 10:23 AM

Categories: Security Blogs

Oracle Security Talks, Training and Conferences

Mon, 2016-08-08 09:46

Kamil Stawiarski who runs Database Whisperers sp. z o. o. sp. k., an Oracle specialist consulting company in Poland and whose company is also a reseller for our Oracle database security scanner PFCLScan in Poland has invited me to speak....[Read More]

Posted by Pete On 08/08/16 At 12:48 PM

Categories: Security Blogs

Oracle Security Expert Seminar

Fri, 2016-07-08 21:46

I am happy to announce that I will be teaching a five day Oracle Security expert seminar class with Oracle University at Oracle offices in Reading, UK from September 26th to September 30th 2016. This is a 5 days expert....[Read More]

Posted by Pete On 08/07/16 At 02:45 PM

Categories: Security Blogs