Basically, a company that made technical specs (including drawings) for some very advanced, high-speed transportation things, had not taken a backup of their system tablespace for 18 months. Then the system01.dbf file did its own thing, and their database didn't really feel good.
Andre told me that he had a guy who was working on a tool that might be able to help us out. But it was in beta, etc., etc.
So I went back to Denmark, called Bernhard, and we agreed that he would fix the bugs as we encountered them.
I sent one of my guys - Christian Fabricius - online, and he was gone for three days, but got all the technical drawings out of the datafiles (Bernhard had to fix two or three things as we went along - a tribute to his coding skills). All that time, practially, Bernhard was online. Rock'n'roll.
We were very proud. First time in history. Blah blah blah. When my manager went to a meeting with the customer a week later we were all expecting joy and happiness and perhaps some gratefullness from the customer.
But no. He was furious. Why hadn't we told him that it was neccessary to take a backup of the system tablespace? Where in the documentation did it clearly state that that was required? It was all our fault.
And we didn't even charge them more than normal hourly rates.
I never tried the other suggestion Andre had (and which he had used many times himself): Create a dummy database that has the same datafiles as the problem database. Then take the file headers from the dummy database and patch on top of the real database. Then you can start up, since the information in the file headers match.
Andre was one cool guy. He's enjoying early retirement, he claims.
Mogens
Rachel Carmichael wrote:
Kevin Loney tells the story of making a call to the data center from the CIO's office and asking them to make a copy of the backup tapes and leave them at reception. since the call came from the CIO's office, they made the copy
--- Pete Finnigan <[EMAIL PROTECTED]> wrote:
Hi Peter
Glad to hear that there are controls in Oracle for use of DUL, I was thinking of a case where i heard that one guy rang up the backup storage company for a large company and requested a set of backup tapes be left at reception at the company and he just walked in off the street and took them. Mitnik tells similar stories in his book.
Thanks for the internal Oracle insight Peter,
kind regards
Pete
In article <[EMAIL PROTECTED]>, Peter Gram
<[EMAIL PROTECTED]> writes
Hi Petethat
I have used Dul many times at customer sites when I was employed by Oracle Denmark.
Every time the customer management had to verify by phone and fax
before wethey understood the full impact of using Dul.
Oracle have disclaimer that explains the problems with missing transaction consistency of the
data saved by Dul and the security issues.
The customer has to sign and fax the disclaimer back to Oracle
came on site .-)it
After I left Oracle several people ask me if would write a Dul and I
declined.
I'm of the opinion that Dul should stay behind the Oracle firewall.
/peter
Pete Finnigan wrote:
Hi Mark
I agree with you Mark, even if its supplied by Oracle technicians -
inis as you say possible to by-pass security completely. Does anyone
( inOracle check that the field support personnel dispatched to a site
Oracleurgency ) are dumping data for the owner of it? -
I covered the issue of DUL with regards to security is the SANS
supplyingsecurity step-by-step book - action 6.5.1
kind regards
Pete
In article <[EMAIL PROTECTED]>, Mark Leith <[EMAIL PROTECTED]> writes
One problem I see with giving this away "free" is that you will be
bypassing alla tool that allows you to extract data from the database,
this kind ofinbuilt security. A BIG "no no". I suppose that also applies to
tool even under a paid license structure.
-- Pete Finnigan email:[EMAIL PROTECTED] Web site: http://www.petefinnigan.com - Oracle security audit specialists Book:Oracle security step-by-step Guide - see http://store.sans.org for details.
-- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Pete Finnigan INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
-- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: =?ISO-8859-1?Q?Mogens_N=F8rgaard?= INET: [EMAIL PROTECTED]
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
