Call: +44 (0)7759 277220 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle Proxy Users"] [Next entry: "Meet the experts (Oracle Security) at Oracle Open World - an open standard for securing Oracle"]

Happy first birthday to my Oracle security blog!



It is just over one year ago since I started my Oracle security blog, well one year and four days to be exact. I have not had time to write any blog entries for a couple of days so its a belated happy birthday!. As Mark Rittman said on the anniversary of his blog its somewhat of a tradition to review your blog after the first year. I don't know if you are supposed to do the same after the second year, maybe someone would let me know in good time..:-)

I started out on 20 September 2004 with some ideas about how I would write for the blog and how often I would post to it. I planned to cover news items, papers, short and long and tools and basically anything Oracle Security related. I also said I would update it every few days. I think I have performed well on both counts. I have been able to post almost every day, I went for about a period of three months at one time without missing a day I believe. I also think I managed 6 or possibly 7 posts in just one day once (I am not going to look now to check but I think it was at least 6). I have posted 560 posts including this one in one year and 4 days. Not bad going.

I have enjoyed writing this blog and keeping it going over the period. I thought when I started that I would not find enough things to write about to post regularly but I underestimated this by far. I have a large backlog of things to write about now (in excess of 30 items) for instance. The thing now is finding the time to add entries. The blog is going to continue into its second year in much the same way. I still plan to write as regularly as before.

What have been the highlights for me? - Probably the news stories that broke about the various CPU releases and the problems with them. It was great to be there at the forefront passing the new on. Also the recent disclosures by Alex of unfixed bugs. I think this had to happen sooner or later, whether it was Alex or someone else. There are large amounts of unfixed security bugs listed on various researchers site so as I said it was bound to happen. I was quite shocked at the level of news interest in that particular story. For me I think the news items have been exciting and also the recent disclosure of the password algorithm on comp.databases.oracle.server by some guy was interesting and has led to some great free tools coming out.

The one regrettable thing for me was the necessity to turn off comments due to spammers. Also my recent troubles with referral spammers has made running a site more tedious..:-( I plan to upgrade the blog software at sometime to some product that supports comment throttling and also comment moderation as I would really like to have comments enabled. When I have time..:-)

The stats for my site have gone from strength to strength. I started out last year on about 10,000 visitors per month and 363 per day and about 20,000 page views per month. This has grown to about 2100 visitors per day and about 64,000 visitors per month and page views growing to around 250,000 per month. I have served up 1.5 million page views and seen 0.5 milion visits in the last year. The stats are still growing strongly month on month.

OK, thats it for a brief summary, back to Oracle security!