Global vision of security in Oracle (2002 – 2018)

Last week I attended a meeting on the GDPR (General Data Protection Regulation, applies only to EURO), being its mandatory use from May 25, 2018. It is interesting to note that one of the measures sought by this law is partly to try to force to take measures against cyber attacks and from which many organizations and people are not aware of the implications that may come to have. We close the door of the house with a key but we leave the idefensos systems many times.

18 years ago made a presentation in the CUORE, circle of users of Oracle of Spain, on the security of the Oracle database at that time, quite disastrous, although everything must be said, has been improving over time. I’m going to update some of the parts that were seen in this presentation in the next posts.

I leave here the ppt of that presentation and a small pdf, the templates are in Spanish, that gathered the most basic concepts, some of which still continue to be valid.

Presentation (PPT)

BASE_DE_DATOSMISCELANEAREDSISTEMA_OPERATIVOVISION_SEGURIDAD_ORACLE

Network Layer (PPT)

RED

Operating System Layer (PPT)

SISTEMA_OPERATIVO

Database Layer (PPT)

BASE_DE_DATOS

Miscellany (PPT)

MISCELANEA

Documentation (PDF)

VISION_SEGURIDAD_ORACLE

HTH – Antonio NAVARRO

Advertisements

18 Released For Windows And Solaris

Version 18c has finally been released for Microsoft Windows (remember that Oracle no longer develops for 32-bit architectures) and Solaris (for Sparc and x86-64-bit architecture).

PHOTO_DB_18_MULTIPLATFORM

You can download it in the next link

Database 18c

HTH – Antonio NAVARRO

Getting The Ip Using PING Command (Solaris)

Many times we need get the ip for remote, a very simple way is by using the ping command

/usr/sbin/ping

If you execute the command in the more simple option, like show below, you only get a pretty output telling if you remote host is alive.

cloud-4@:/wp/production/srvr/diag> /usr/sbin/ping cloud-2
cloud-4 is alive

Using the -s option you get more info, incluiding the ip;

cloud-4@:/wp/production/srvr/diag> /usr/sbin/ping -s cloud-2
PING cloud-2: 56 data bytes
64 bytes from cloud-2 (120.71.133.100): icmp_seq=0. time=0.098 ms
64 bytes from cloud-2 (120.71.133.100): icmp_seq=1. time=0.087 ms
64 bytes from cloud-2 (120.71.133.100): icmp_seq=2. time=0.067 ms
^C
----cloud-2 PING Statistics----
3 packets transmitted, 3 packets received, 0% packet loss
round-trip (ms)  min/avg/max/stddev = 0.067/0.084/0.098/0.016

HTH – Antonio NAVARRO

Released Maria DB 10.3.9

Recently the new version of Maria DB, a database manager based on MySQL, has been released. Although the original project was almost a copy of MySQL, it is following its own evolution. Here I include the main features of this version

  • Oracle compatibility (data types, sequences and PL/SQL syntax)
  • System-versioned tables and temporal syntax (e.g., AS OF)
  • Purpose-built storage engines (MyRocks and Spider)
  • Data obfuscation and full/partial data masking
  • Instant add column, invisible columns and column compression

To download this version and more information about it you can use the following link;

Maria DB 10.3.9

 
HTH – Antonio NAVARRO

Delete Files Starting With – Character In Unix

Today I have received an alarm by run of space in a ORACLE_HOME filesystem, looking for files to delete I have found the aud files, but the problem is when I try delete files starting with prefix “-“, like show below;

 
cloud@motif-1./app/grd/18.3/rdbms/audit $
cloud@motif-1./app/grd/18.3/rdbms/audit $ rm -MGMTDB_ora_24540_20180821124431970337143795.aud
rm: illegal option -- M
rm: illegal option -- G
rm: illegal option -- M
rm: illegal option -- T
rm: illegal option -- D
rm: illegal option -- B
rm: illegal option -- _
rm: illegal option -- o
rm: illegal option -- a
rm: illegal option -- _
rm: illegal option -- 2
rm: illegal option -- 4
rm: illegal option -- 5
rm: illegal option -- 4
rm: illegal option -- 0
rm: illegal option -- _
rm: illegal option -- 2
rm: illegal option -- 0
rm: illegal option -- 1
rm: illegal option -- 8
rm: illegal option -- 0
rm: illegal option -- 8
rm: illegal option -- 2
rm: illegal option -- 1
rm: illegal option -- 1
rm: illegal option -- 2
rm: illegal option -- 4
rm: illegal option -- 4
rm: illegal option -- 3
rm: illegal option -- 1
rm: illegal option -- 9
rm: illegal option -- 7
rm: illegal option -- 0
rm: illegal option -- 3
rm: illegal option -- 3
rm: illegal option -- 7
rm: illegal option -- 1
rm: illegal option -- 4
rm: illegal option -- 3
rm: illegal option -- 7
rm: illegal option -- 9
rm: illegal option -- 5
rm: illegal option -- .
rm: illegal option -- a
rm: illegal option -- u
rm: illegal option -- d
usage: rm [-fiRr] file ...
cloud@motif-1./app/grd/18.3/rdbms/audit $

use — (double -) to make rm command stop parsing command line options

rm — -MGMTDB_ora_24540_20180821124431970337143795.aud

Or in this other way

rm — *.aud

HTH – Antonio NAVARRO

ORA-16047 When Starting Active DG

This past night I have been activating an active dg. The issue is that it did not finish to start and at the beginning it gave the following error;

ORA-16047: DGID mismatch between destination setting and target database

Looking more in detail at the specific trace file, the following message appears (this is an excerpt of the file);

2018-07-31 07:17:27.263: [ GPNP]clsgpnpkwf_initwfloc: [at clsgpnpkwf.c:471] Result: (7) CLSGPNP_IO. (:GPNP01002:)Failed to open wallet file. dir ‘peer’ in ‘/xxxx/xxxx/xxxx/xxxx/xxxx/xxxx/wallets/’, cannot check wallet home.
2018-07-31 07:17:27.263: [ GPNP]clsgpnpkwf_initwfloc: [at clsgpnpkwf.c:469] (:GPNP01002:)SlfFopen2
Internal Error Information:
Category: SLF_SYSTEM(-8)
Operation: lstat failed
Location: slsfopen3
Other:
Dep: 13
Dep Message: Permission denied

In this case the error is caused by the fact that the log_archive_config parameter is not configured. You can query the value of this parameter in the next way;

show parameter log_archive_config

And you can set it by use the next alter command;

alter system set LOG_ARCHIVE_CONFIG=’DG_CONFIG=(db,stbdb)’;

HTH – Antonio NAVARRO

 

 

 

 

Release 18C released

Oracle has just released version 18c “on-premise”, now all the politics is the cloud and they are putting names for the versions that are not for the cloud.

Indicate that the version has only been released for Linux, also an Oracle policy change that has traditionally made the first versions for Solaris. Which seems to confirm the rumors that Solaris ends in 2030 😦

 
I attached the link for download;

Oracle Database 18.3

And a couple of screenshots

photo_db_18c_v1

photo_db_18c_v2

HTH – Antonio NAVARRO