Sentrigo integrates with Repscan to provide vulnerability assessment
Anybody using Oracle databases, and anyone who is concerned about vulnerability assessment should be familiar with Repscan – the best scanner for Oracle databases, developed by Alexander Kornbrust’s...
View ArticleOracle Jul2009 CPU
Wow, that’s a big one! Not so much as in the number of security bugs fixed but from the severity point of view. Oracle fixed 30 vulnerabilities which is a bit less than the previous CPUs. Most of the...
View ArticleSide-Channel Information Leakage using VPD
A guest post by Roy Fox, Sentrigo’s Head of Security Research. Thanks Roy! Introduction Black boxes are rarely entirely black. Many have side effects in addition to their functional effects, and...
View ArticleYAOPC – Yet Another Oracle Password Cracker
I was preparing a presentation for RMOUG and wanted to show how easy it is to crack Oracle passwords once you get the hashes. There are a lot of Oracle password crackers out there but I find that using...
View ArticlePoor man’s data discovery for Oracle
I’m sure we all did something similar once or twice in our DBA lives. I had to create a simple script to perform regular expression based data discovery for Oracle. This script will be used as a check...
View ArticleNew interesting feature of Oracle 12c
This looks like an interesting feature of Oracle 12c. I’m still not sure about the security implications but it does say interesting things about pure network monitoring security tools. Now, more than...
View Article