oracle Archives - The Silicon Underground

Home » oracle

Patch management strategy

Dave Farquhar security April 3, 2017July 27, 2017999, adobe, Canada, contractor, Exploit, good security, google, hacker, hacking, java, microsoft, microsoft patches, nessus, oracle, PDF, scanner, SCCM, server, sprint, SQL, sysadmin, verizon, vulnerability, wsus 2 Comments

Vulnerability management and patch management are close relatives. In most companies, think of them as siblings who hate each other. That’s usually how it plays out. It doesn’t always have to be that way, but it takes some thought and strategy from both sides. Here are some ideas for patch management strategy.

Simple tips to prevent ransomware

Dave Farquhar security March 8, 2016April 23, 2017adobe, antivirus, EMET, Exploit, Free Antivirus, internet explorer, java, malware, malwarebytes, Malwarebytes Anti Exploit, microsoft, microsoft security, Microsoft Security Essentials, oracle, PDF, proxy, Proxy server, psi, secunia, security essentials, server, vector, Windows 10, windows 7

Last week at work, I noticed some odd events in an event log, and when I investigated them, I found they were part of a failed ransomware attack. This got me thinking about how to prevent ransomware at home.

Ransomware, if you aren’t familiar, is an attack that encrypts your data and demands a ransom, usually around $300, in bitcoins, and you get a short deadline until it destroys your files. More often than not, paying the ransom is the only way to get the files back, so it’s much better to prevent it.

Whitelist Java to provide better security and a better user experience

Dave Farquhar security, Windows December 9, 2015September 15, 2016Ada Lovelace, corporate environment, Deployment Rule Set, EMET, java, JRE, laptops, oracle, proxy, Proxy server, server, URL, web browser, Whitelist, Whitelist Java

One of the best things you can do to improve your security in a corporate environment is to limit the use of Java, or whitelist Java. Undoubtedly there will be one or more legacy web applications your company uses that require Java, and it’s almost inevitable that at least two of them will be certified for one and only one version of the JRE, and it won’t be the same one.

Believe it or not there’s a solution to the problem of conflicting JREs, but it took me years to find it, because I had no idea that Oracle called it “Deployment Rule Set.” The secret’s out now. If you run Java, and you want security, you need Deployment Rule Set.

Unchecky is another tool to help with staying out of trouble with malware

Dave Farquhar security October 22, 2015September 16, 2016adobe, Adobe Flash, antivirus, EMET, irony, java, malware, oracle, psi, secunia

I found a mention of a tool called Unchecky as a minor point in a story about something else entirely. Unchecky helps to solve the problem with downloaded programs including a bunch of extra junk you don’t want.

I won’t be running it myself. But the next time I fix a computer, I’ll probably install it on that one.

Resources for learning SQL

Dave Farquhar Servers and Networking September 30, 2015November 26, 2016databases, microsoft, Microsoft Access, mysql, oracle, quirks, SQL, sysadmin

Whether you’re a sysadmin, an analyst, or use a computer for something else professionally–even if you’re not a database administrator or developer–SQL is a useful skill to know. I’ve gotten by for 20 years without knowing much more SQL other than simple SELECT statements, but those days are rapidly winding down–if I want to be good at my current job, I’m going to have to take some time to learn SQL. If you’re in the same boat, here are some resources for learning SQL.

Here are two resources:

http://pgexercises.com/

https://sqlschool.modeanalytics.com/the-basics/introduction/

SQL is the underlying language behind Oracle, Microsoft SQL, MySQL, PostgresSQL, and probably a few other databases I’m forgetting. If you’re doing something beyond Microsoft Access, it’s probably using some kind of SQL. Each implementation has its own quirks but the basics remain the same between all of them.

Expect a rough road ahead for Flash

Dave Farquhar security July 15, 2015July 14, 2015adobe, android, apple, breach, chrome, Exploit, facebook, google, Google Chrome, hacking, html, IOS, ipad, iphone, microsoft, oracle, os x, Patch Tuesday, yahoo

Adobe has patched Flash twice in two weeks now. The reason for this was due to Hacking Team, an Italian company that sells hacking tools to government agencies, getting hacked. Hacking Team, it turns out, knew of at least three unpatched vulnerabilities (also known as “zero-days” or “0days”) in Flash, and exploits for these vulnerabilities were among the things that got breached.

That’s why Adobe is having a bad month.

How to patch less

Dave Farquhar security, Windows March 20, 2014April 15, 2017chrome, CPU, DISA, firefox, firewall, GUI, internet explorer, microsoft, Microsoft Office, mindset, optimizing, oracle, router, server, servers, SQL, STIG, vulnerability, web browser, web browsers, Windows Server

One of my former supervisors now works for a security vendor. He told me the other day that someone asked him, “Does your company have anything so I don’t have to patch anymore?”

The answer, of course, is that there’s nothing that gets you out of ever having to patch anymore. To some degree you can mitigate, but there’s no longer any such thing as a completely friendly network. The reasoning that you’re behind a firewall doesn’t work anymore. On corporate networks, there’s always something hostile roaming around behind the firewall, and you have to protect against it. If you’re on a home network with just a computer and a router, your computer and router attack each other from time to time. That’s the hostile world we live in right now. Patching is one of the fundamental things you have to do to keep those attacks from being successful.

That said, there are things you can do to patch less. Read more

Things to do for your relatives’ computers this Christmas

Dave Farquhar security December 5, 2013April 17, 20172 gb, acrobat, adobe, antivirus, antivirus scanner, antivirus software, christmas, Classic Shell, CPU, Cryptolocker, EMET, firewall, Firmware, GB, hard drive, hosts, java, linux, microsoft, microsoft security, Microsoft Security Essentials, motherboard, MSE, new hardware, New Year, oracle, psi, RAM, religion, router, routers, Run Windows Update, scanner, secunia, security essentials, ssd, windows 7, windows 8, Windows Update, Windows XP, WRT

I wish I’d posted this last week, since many of us see one set of relatives at Thanksgiving and a different set at Christmas (and perhaps New Year’s). Here are things you can do as preventative maintenance for relatives whose computers could use a little help. Read more

Doing more than one operation per line in a Windows batch file

Dave Farquhar Windows September 13, 2013December 5, 2015Air Force, batch file, java, oracle, robocopy, server, shavlik, Shavlik Protect, TEMP

Sometimes in a batch file I find myself needing to perform more than one operation on a server, especially inside a for loop. Rather than do a pair of for loops, which isn’t always desirable, you can use the & operator.
Read more

Libre Office and Open Office both grow up a bit–together

Dave Farquhar Software July 26, 2013July 25, 2013apache, HDTV, IBM, Libre Office, microsoft, Microsoft Office, monitors, Open Office, Open Source, oracle, ribbon, Word Perfect

Both Libre Office and Open Office released new versions this week, and the changelog indicates a good amount of shared code between the two, at least in this go-round. The animosity between the two—Libre Office is a fork of Open Office, dating to before the time Oracle spun the project off to Apache—may thus be overstated. Read more

← Previous