Halloween started really scary this year – some company called us and said, that they have some problems with their Oracle Database Standard Edition. Apparently they had a storage crash six months before, which caused some blocks to get corrupted and from that time no one has noticed that RMAN is not producing any backups. […]
You may already read my articles about virtualization/cloud security: In the above articles I was impersonating an evil cloud administrator and showing you how this kind of person can access and modify even encrypted data. We will continue this fun, but this time you may also use this trick when you forget root password in […]
Recently a customer called us that there is something wrong after upgrading Oracle Database to 19.15 on RedHat. Apparently The amount of RAM consumed by DBWR and process servers became really impressive – as a proof I got screenshots looking like this: They said that before the migration it never looked like this and asked […]
Six years ago I wrote a short instruction on how to restore OCR and Votedisk in RAC 12c after a diskgroup failure. Yesterday I had a possibility of validating my procedure in 21c RAC environment and it has occurred that it is a bit more complicated. Who would have thought? 21 is just 12 backwards! […]
So you have migrated your databases to cloud and you want to feel a bit more secure – what do you do? Of course you follow the golden rule and you encrypt you tablespaces. That’s reasonable and that’s what vendor recommends. All databases created in Oracle Cloud Infrastructure are encrypted using transparent data encryption (TDE). […]
Inspired by a little chat with Frits Hoogland about the future of programming languages I challenged myself to learn a bit of Rust and show how to create a shared library to send emails and attach it to Oracle as an external procedure (just as I did with GoLang here: https://blog.ora-600.pl/2021/05/04/golang-as-oracle-external-procedure/) The steps are actually […]
This short article is a result of the following Twitter activity: So let’s do it! First of all, you have to install GoLang: https://golang.org/doc/install Once this is done, we can create a Go program to send emails. We will use "gopkg.in/mail.v2″ to make it simple. Below you can find a simple GoLang code to send […]
Remember my post, regarding dumping the SGA to read encrypted blocks? What if I tell you, that you can do the same, while being a KVM host administrator with no credentials to a VM itself? Let’s prepare our secure database in a way I did in article AMM vs security. After enabling Oracle Wallet and […]
In my previous article I described a few technics of accessing a guest virtual machine from the virtualization host (KVM) without any credentials. It assumed that our data can get compromised by a corrupted vendor employee. After publishing it I had a few talks with my colleagues and have to explain one thing – the […]