Saturday, October 27, 2007

Enterprise Manager Troubleshooting

Most frequently seen problems with EM console have to do with non properly configured networking environments and skipping the dhcp warning at the installation phase. Proper networking configuration prerequisites have to be met before proceeding with installation.

1. DHCP issues.
Assigning a dynamic IP address makes the EM console to fail. Since the repository is configured with the environment it collects at install time, if a dynamic address is assigned, next time the computer unplugs (most frequently seen on laptop computers) EM stops working.

2. Use of IE with Enhanced Security Option enabled.
This is another issue frequently seen, when IE Enhanced Security option is enabled EM stops working, even though the console can be started.

3. Enterprise Manager can be accessed but Performance and maintenance tab request again for login credentials
This is another issue due to improperly configuring the networking and host name resolution environment. Oracle reads the hosts file to establish both the IP Address and the fully qualified host name. If it fails to properly read the hosts file, or if this doesn't properly identify the host, then the localhost.localdomain will be taken to configure the EM Console. When Attempting to solve the tns entry to access the performance tab or the maintenance tab Oracle won't be able to identify the host declared at the tns entry and it will fail to access, even though the provided credentials and the tns entry seem to be well configured.

4. Changing hostname or fixed IP Address
When networking changes happen then an EM reconfiguration is required.

For further references on HowTo troubleshoot and reconfigure Enterprise Manager I suggest to refer to this link --> Enterprise Manager DB Control Console.

Thursday, October 25, 2007

Who's Who at Oracle Forums

The more time I spend on the Oracle forums the more people I get to know, even though I have never physically seen most of them, only by the kind of regular answers I have been able to 'see' Who's who.

Sybrand Bakker AKA sybrandb
It's funny to see people on the forums who are self qualified as 'Senior Oracle DBA', and when trying to google them on the web the only kind of references obtained so far are at an extreme poor, simple and moronic (thanks Howard for this vocabulary addendum), no white papers found, no meaningful forum participation, no semminars, no references, no history, no blog, no personal web page, no nothing but simple racist, aggressive and rude answers at the Oracle related forums.

I have always said that reading the manual is the first source of Oracle information, but for heavens sake!, RTFM is not a 'Senior DBA Level Answer' I would like to hear, and guess what, just issue a search at the Oracle forum for the RTFM string, and you'll see who is one of the posters who most frequently provides this as an answer.

I though this gentleman was participating at the Oracle forums only, but when googling for 'Sybrand Bakker' I have found several other interesting references on the web with the same signature and the same 'Seior Oracle DBA' Level Answers. Just a xenofobic who shows a lot of aggressivity, lack of manners and lack of knowledge. I couldn't even say if this fellow poster has the OCA and I have not been able to find someone who makes a good reference for Mr. Bakker.

I still cannot understand why someone who definitely hates to write for free and whose contributions are less than binary rubbish, wastes his time writing for nothing but to build up a very ugly reputation.

Sunday, October 07, 2007

My roots


Madrid surname was first found in Old Castile in the heart of Spain, where the name originated in Visigothic times. It means one who came from Madrid, the capital of Spain. When Jews converted to Christianity in Spain in the 15th century, whether voluntarily or by force, they often took a last name based on their town or city or origin.

Some of the first settlers of this family name or some of its variants were: Among the early explorers of the New World were Juan De Madrid, who came to America in 1510; Gonzalo De Madrid, who came to the Dominican Repulic in 1560.

I was born in Mexico City, my roots are both, my family came from Hidalgo, where immigrants from England and Spain settled attracted by the gold and silver mines at Real del Monte, where in 1830 the Cornish first installed the steam mining machinery. One of the family branches later became farmers and settled in Tulancingo, where my mom was born. On my father's side, his family came from Huauchinango to Tulancingo, and there was where my parents met, however they didn't get married there. They lost contact and it was several years later when they met again in Mexico City, where finally I was born.

Monday, October 01, 2007

Is it possible to decrypt the Oracle password?

Oracle's hashed password algorithm, even though is supposed to be secret, it has been shown to be weak due to several vulnerabilities.
Weak Salt SelectionNon-random salt values.Lack of alphabetic case preservation.

On 1993 there was a post on the comp.databases.oracle newsgroup which describes the algorithm in detail, identifying an unknown fixed key as an input parameter. The key was later published on a book named "Special Ops". This has provided enough information to reproduce the algorithm:

1. Concatenate the username and the password to produce a plain text string;

2. Convert the plain text string to uppercase characters;

3. Convert the plain text string to multi-byte storage format; ASCII characters have the high byte set to 0x00;

4. Encrypt the plain text string (padded with 0s if necessary to the next even block length) using the DES algorithm in cipher block chaining (CBC) mode with a fixed key value of0x0123456789ABCDEF;

5. Encrypt the plain text string again with DES-CBC, but using the last block of the output of the previous step (ignoring parity bits) as the encryption key. The last block of the output is converted into a printable string to produce the password hash value.

Let's suppose a user's password is about 12-16 characters, then the algorithm would perform between 6 and 8 DES encryptions to compute the hash value.

The hash algorithm has another weaknesses, it can be calculated out from rainbow tables, which are precomputed hashed passwords which can be used to compare the actual hash password value later.

Ref. An Assessment of the Oracle Password Hashing Algorithm
Carlos CidInformation Security GroupRoyal Holloway, University of London
carlos.cid@rhul.ac.uk
Joshua WrightSANS Institutejwright@sans.org
18. Oct. 2005