Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Steve has improved his Custom JDBC URL example"] [Next entry: "SANSFIRE is coming up very soon"]

A good book on reverse engineering

I was in Borders the other looking for a book for my wife and ended up (as usual!) in the computer books section. I was browsing the security books and came across a book on reverse engineering that I had not seen before. The book is titled "Reversing: The Hacker's Guide to Reverse Engineering" and is written by Eldad Eilam. I have always been interested in this area and also decompilers so i ended up buying it. I have not had chance to read it yet, except to skim it. The book starts with some basic background on reversing and then moves on to look at low level software, assembler, compilers etc. The book then includes some Windows fundamentals and then moves on to talk about creating a reversing toolkit by discussing some useful tools, dissasemblers, debuggers (kernel and user), decompilers, patch tools, system monitoring, tracing etc. The second part then looks at some practical examples, auditing binaries and also how to reverse malware. Part three then looks at cracking, piracy and copy protection and how to help prevent reversing techniques, how to break protection and then finally in part 4 Eldad talks about reversing .NET and also decompilers.

This looks like a great book, I will let you know when I have read it if it really is. The obvious question is why read a book like this? - Well for me because I am interested in anything security related and also as you know Oracle related. Reverse engineering is normally not something a DBA or anyone managing an Oracle system and applications should be concerned with but if you want to secure your applications then its is worth knowing what hackers get up to. If you understand the threats then you can better secure your applications and data. As Reg Holdsworth used to say on Cornonation Street "Knowledge is power". (For those not in the UK, Coronation Street is one of the most popular and long running soap operas here).