Free Oracle Tips

HTML Text

Home
E-mail Us
Oracle Articles

Oracle Training
Oracle News
Oracle Forum
Class Catalog

Our Staff
Our Prices
Help Wanted!

Remote DBA
Oracle Tuning
Emergency 911
RAC Support
Apps Support
Analysis
Design
Implementation
Oracle Support

SQL Tuning
Security
UNIX
Oracle UNIX
Linux
Oracle Linux
Monitoring
Remote help
Remote plans
Remote services
Oracle C++
Oracle Java
Apache
JDeveloper
App Server
Applications
Oracle Forms
Oracle Portal
11i Upgrades
SQL Server
Oracle Concepts
HTML-DB Tips
Software Help
Remote Help
Development
Implementation

Financials Training
Oracle 11i
Oracle Apps 11i
Oracle Workflow
Oracle AR 11i Class
Oracle AP 11i class
Oracle GL 11i class
Oracle HR 11i class
Oracle FA 11i class
11i Project Mgt
11i procurement
11i collections

Oracle Posters
Oracle Books
Oracle Tuning Book
Oracle RAC Book
Oracle Security
Easy Oracle Books
Oracle Scripts
SQL Server DBA
SQL Design Patterns
WISE
Excel-DB

BC Oracle News

Rednecks!
Dress code
Arabian Stallion
Burleson Arabians
Guide Horses
Don Burleson Blog
Golf & Travel

Privacy Policy

Oracle Business Intelligence, OLAP and BI training and consulting tips . . .

Click here for more
Oracle News Headlines

2008 Update - For a complete treatment of the topic of Oracle security on the web, see these books and resources:

2007 trends in Oracle web security management
Oracle Forensics, by Paul M. Wright, Rampant TechPress
Oracle Privacy Security Auditing, By Arup Nanda, and Donald K. Burleson, Rampant TechPress

From XKCD

Mark Rittman

SQL Injection Oracle Security Paper By Pete Finnigan

I've just come across Pete Finnigan's website, where's he's put together an excellent set of links through to Oracle security papers written by himself and other third parties. One particularly interesting paper is on Detecting SQL Injection In Oracle, a bit of a 'hot topic' these days summed as;

"SQL Injection is a way to attack the data in a database through a firewall protecting it. It is a method by which the parameters of a Web-based application are modified in order to change the SQL statements that are passed to a database to return data. For example, by adding a single quote (‘) to the parameters, it is possible to cause a second query to be executed with the first. "

Some other useful papers available on the site include "An Introduction To Simple Oracle Auditing", "Exploiting And Protecting Oracle", and "A Simple Oracle Security Scanner". Pete specializes in Oracle Security and offers a detailed security audit of Oracle databases, details of which are on the website homepage.

Need an Oracle Health Check?

Do you have bad performance after an upgrade?
Need to certify that your database follows best practices?

BC Oracle performance gurus can quickly certify every aspect of your Oracle database and provide a complete verification that your database is fully optimized.

Oracle performance Tuning 10g reference poster

Oracle training & performance tuning books

Note: This Oracle documentation was created as a support and Oracle training reference for use by our DBA performance tuning consulting professionals.
Feel free to ask questions on our Oracle forum.

Verify experience! Anyone considering using the services of an Oracle support expert should independently investigate their credentials and experience, and not rely on advertisements and self-proclaimed expertise. All legitimate Oracle experts publish their Oracle qualifications.

Errata? Oracle technology is changing and we strive to update our BC Oracle support information. If you find an error or have a suggestion for improving our content, we would appreciate your feedback. Just e-mail: and include the URL for the page.

Burleson Consulting

The Oracle of database support

Oracle® is the registered trademark of Oracle Corporation.