Posted by Sven Vetter on 17th June 2008
For quite some time I have been trying to persuade my colleagues to write a MySQL plug-in for Oracle Grid Control. Without success...
But now an official plug-in is available, created by Alex Gorbachev (Pythian Group). It can be downloaded from the "Oracle Enterprise Manager 10g Grid Control
Extensions Exchange" page too - and it is tested from Oracle 
There are very interesting tables and charts included, for instance:
For more information: see the datasheet.
Posted in OEM, Oracle, TrivadisContent | No Comments »
Posted by Sven Vetter on 11th June 2008
A new Audit Vault version is ready for download (for Linux, Solaris, AIX and HP Itanium) . Maybe some bugs are fixed...
I will test it
Posted in Oracle, Security | No Comments »
Posted by Sven Vetter on 5th May 2008
During the last days we have tested the CPU very intensively.
Some information about it:
- I recommend applying it, if you use Oracle Application Express (APEX) 3.0. Because on iDefense it is described, how easy a security hole can vulnerable.
You can upgrade to APEX 3.1 too.
- This is the first CPU without need for a newer version of OPatch (if you applied the patchset before). This means applying would be easier and the software would be more stable
Posted in CPU, Oracle, Security, TrivadisContent | No Comments »
Posted by Sven Vetter on 24th April 2008
After the x86-Linux and the 32-bit Windows version now the x84-64bit Linux version is ready for download.
For more information see here.
Posted in Oracle, Security, TrivadisContent | No Comments »
Posted by Sven Vetter on 10th April 2008
Here is the first information about the next CPU.
Database:
- This CPU contains 17 new security fixes (including 2 for Oracle Application Express)
- The highest CVSS base score of vulnerabilities is 6.6.
This is regarded as a high risk.
- Some very critical components are affected:
- Audit
- Authentication
- Core RDBMS
- Data Pump
- Export
- Oracle Net Services
- Query Optimizer
- ...
- This CPU includes fixes for Oracle Database 11g too.
Oracle Application Server:
- This CPU contains 3 new security fixes
- All of these vulnerabilities may be remotely exploited without authentication!
- The highest CVSS base score of vulnerabilities is 9.3 for clients and 6.6 for servers.
This is regarded as a very high risk.
Oracle Enterprise Manager:
- This CPU contains 1 new security fix (in the Oracle Agent)
- The CVSS base score of vulnerability is 6.6.
This is regarded as a high risk.
Posted in CPU, Oracle, Security, TrivadisContent | No Comments »
Posted by Sven Vetter on 17th March 2008
After the 32Bit version now the 64bit version is ready for download.
I read on Laurents Blog , that the unix versions will be arriving at the earliest in the 3 week of April. This will be very late… 
Posted in Oracle, TrivadisContent | 1 Comment »
Posted by Sven Vetter on 3rd March 2008
After Laurent wrote in his blog , that the update exam for the OCP 11g is available from the 18/02/2008, I want to try it. OK – I didn’t do this on the first day, but the 03.03. is not so late…
Today in the morning I took the exam and I passed the test.
Some comments to it:
- For me the exam was difficult, I found other update exams easier
- The questions were sometimes very deep
- There are nearly no questions about the GUI (Oracle Enterprise Manager)
- I think, I have become quite used to Oracle 11g (a lot of testing, writing course materials, teaching 6 courses, quite reliable preparation). But I found nearly no questions with an immediate and clear answer...
- There were more questions as before (now 85, during the New Features 10g exams there were only 60) -> see here
- To pass, 61% correct answers are enough
(10g = 73%)
- It is recommended to have a really correct look at the exam topics – and to learn just below them, including any PL / SQL calls and default parameters!
Also - viel Erfolg bei der Prüfung !
Posted in 11g, Oracle, Training, TrivadisContent | 8 Comments »
Posted by Sven Vetter on 28th February 2008
Wir haben das Patchset 10.2.0.4 auf einer Database Vault Datenbank getestet.
Obwohl in der Liste der Bugfixes kein Database Vault Bug erscheint, wurden zwei meiner kritischsten Bugs behoben
Einer ist noch offen - aber dieser ist wesentlich schwieriger (und nur als SYS) auszunutzen.
Da die OS Authentication für SYSDBAs wieder gesperrt ist, kann ich nun den Einsatz von Database Vault mit dem Patchset 10.2.0.4 empfehlen.
Trotzdem braucht es viel Datenbank- und Security-Wissen, um eine sichere Installation zu gewährleisten...
Posted in CPU, Oracle, Security, Security Alerts, TrivadisContent | No Comments »
Posted by Sven Vetter on 28th February 2008
Folgende Oracle-Aussage stimmt definitiv nicht mehr:
Patch sets provide bug fixes only; they do not include new functionality and they do not require certification on the target system.
Wie in diesem Blogeintrag zu sehen ist, gibt es weitere neue Funktionen, worüber sich die "Performance Junkies" freuen werden
Posted in Oracle, TrivadisContent, Tuning | No Comments »
Posted by Sven Vetter on 24th February 2008
Entgegen meinem ersten Artikel (und dem Kommentar meines Kollegen Chris zu diesem Artikel ) ist Real Application Testing doch in 10.2.0.4 verfügbar:
Ein paar Bemerkungen aber dazu:
Und das Wichtigste: Die gesammelten Daten können problemlos auf einer 11g-Datenbank abgespielt werden !
Also - erfolgreiche Tests!
Posted in OEM, Oracle, TrivadisContent | 1 Comment »
