| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Tracing SQL Statements Behind a Form
Hi Pete.
Thanks very much for that.
Best regards,
Ed.
Pete Finnigan <plsql_at_petefinnigan.com> wrote in message news:<SUYo$mAAKD9ARxIi_at_peterfinnigan.demon.co.uk>...
> Hi Ed,
>
> I have a paper on my site that has many many ways to setting trace for
> your own user, another user and at differing levels, you can find it at
> http://www.petefinnigan.com/ramblings/how_to_set_trace.htm - Also you
> might want to look at a paper i wrote called "Detecting SQL Injection in
> Oracle" - it covers a few ways that can be used to trap the SQl sent to
> the database from an application or person. Incluing sniffing the
> network, sql*net trace, from the SGA, trace, etc. You can find it at
> http://www.petefinnigan.com/orasec.htm
>
> Also if the application uses OCI as the lowest client level (not sure if
> forms does - i suspect it might use UPI) then there is a tool called
> OCISPY that can trap all client OCI calls including SQL. A link to it is
> on my tools page http://www.petefinnigan.com/tools.htm
>
> hth
>
> kind regards
>
> Pete
Received on Wed Jul 14 2004 - 03:37:44 CDT
 |
 |