Oracle XE TNS Mitigation

It’s been quite a while since my last post. Finding time to post is the roughest part for me so forgive this post if it’s a bit crude. I felt it was more important to get this up than make it pretty.

First some background.  All versions of Oracle at this point have a vulnerability to TNS Poisoning. I won’t go into details of that since it’s documented and discussed numerous places. What I will cover is what steps I have taken to secure my implementation of Oracle XE 11g. I should note that none of my implementations are EXTERNAL FACING, they are internal to the network only.

Read more

Using PLINK for Windows to Linux integration

I recently had a situation where I needed to call a program that was executed on a Linux server from a Windows server. My problem was that I needed to connect to a Linux server via SSH, run the program and wait for the output to show up on a shared drive. I was restricted to using free tools that did not require installation, ones that could be executed on the command line. The specific problem was that in my Windows script I could not get past the password prompt when I connected to the Linux server via SSH with PuTTY.

Read more

Oracle Application Express Listener 403 Forbidden Error GlassFish

I seem to have discovered some “undocumented” behavior in the Oracle Application Express Listener. I say “undocumented” because I couldn’t find any reference to it in the documentation. It’s not completely odd behavior but it probably should be documented if it is intended behavior.

First, here is my configuration. I do not know if the issue exists with all configurations of the Application Express Listener.

  •  Windows 2008r2
  •  Oracle XE 11gR2
  •  APEX 4.1.1
  •  APEX Listener 1.1.3.243
  •  GlassFish Server 3.1.2

Read more

Oracle XE log rotate

I recently decided to install Oracle XE (Express Edition) 11gR2 on a Windows Server 2008R2 platform.  That platform is x64 only.  OracleXE 11gR2 is only available in a 32bit version.  I thought that shouldn’t be a problem since 2008R2 has the ability to run 32bit programs.  Well, that was just the first of a few eye-opening misconceptions.  Once the installation was complete I upgraded the APEX environment to the latest version (v.4.1.1) following Mike Smithers posting. Much thanks to him for that.

Everything appeared to run just fine.  I decided to take a look at the alert_xe.log to see what, if anything, was going on with the database.  What I found was numerous messages like the following;

OER 7451 in Load Indicator : Error Code = OSD-04500: illegal option specified
O/S-Error: (OS 1) Incorrect function. !

Read more

Hello world!

The title seems only fitting for my first blog post.  I have no idea how frequently this site will be update but I hope to post something useful for others.  My hope is that others can learn from my experiences.

Happy reading!