systemd-busybox.sh

Build and start a busybox container under systemd on Oracle/RedHat/CentOS/Scientific Linux 7. Includes a chroot demo.

inetd_port_knock.sh

Port knocking script implemented at the TCP level. Includes the remoteip.c source code in case your (x)inetd does not define the REMOTE_IP environment variable. Best used with the fire alarm script below. Email me if you are implementing this and you have questions.

inetd_fire_alarm.sh

Emergency alarm for hostile network probes. Includes the localport.c source code. If you are using with port knocking, then uncomment the blacklist. Email me if you are implementing this and you have questions.

awkback

Oracle7-style backups with awk. Lately, this script seems to work better with Brian Kernighan's "One True Awk" than it does with the GNU version.

otop

Joins the Linux "top" report with Oracle's v$session and v$process tables, providing visibility of remote users of your machine.

barebackup.sql

Oracle7-style backups, generated directly from sqlplus (pl/sql). Resulting script must be under a megabyte.

orastrong.sql

Force new database passwords to be at least 8 characters, and include letters, numbers, and allowed symbols (#$_).

orapw.gawk

Print a random, 8-character password, guaranteed to include a letter, a number, and an allowed symbol (#$_).

dbcontrol-orcl

Linux startup/shutdown script for your Oracle database(s). In the filename of the script, replace "orcl" with the name of the SID that you would like to control. Make hard/soft links with different names to control different SIDs, all using the same physical script. Assumes that your database SIDs and home directories are documented in /etc/oratab. When shutting down a database, the script will kill all database connections that are marked with LOCAL=NO, so the PMON does not cause shutdown delays. Should be run as root.

ADDLE

DDL extractor (Korn shell script). Useful for moving tables with LONG columns (or moving any tables at all in v7, which lacks "ALTER TABLE MOVE"). Uses import/export to get table and index definitions, then SQL to get grants, triggers, and comments. It will not extract views (as they are not dropped when the table is dropped), and it will not disable any foreign key constraints. Best if the script is saved as "ADDLE" (for clarity of directory listings).

checkrowcounts.awk

Convert the log-output from the Oracle export utility into SELECT statements to check that rowcounts match in newly-imported tables. Rowcounts from the export utility should be captured with "2>&1 | tee exp.log" - afterwards, run "checkrowcounts.awk exp.log" and pipe the output into sqlplus. Check for the @ character in the output ("fgrep @") to see problem tables.

cloak.ksh

Utility (requires ksh93) for concealing passwords from ps -ef reports.

oracheckpw.sh

Extracts the list of Oracle users from DBA_USERS, and attempts to login to each account using a password specified at runtime. If no password is specified, it attempts to login with a password that is the same as the username.

gensmtp.gawk

Generic script for sending electronic mail with gawk. Reads input file with email addresses in the first field. Several parameters in the script should be changed (SMTP server, local host name, FROM: address, message subject, message body, etc.). Requires (working) gawk network extensions.

alertscan.awk

Oracle alert log scanner. Brute force approach, written in awk. Requires the gnu date utility. Details in the script.

alertscan.gawk

Revised alert log scanner, using GNU AWK's time extensions. Slightly different syntax.

rbshrink

Shrink all your rollback segments.

tsfull

List all datafiles for tablespaces that are over 90% full.

sqltune.php

Web interface for dbms_sqltune - pass it a sql_id and get Oracle's report.

bannerscan.bash

Get the banner messages for telnet, mail, ftp, and ssh for a collection of hosts, which can be useful for a cursory network security scan. In general, banner messages should be modified to remove version number information. OS "fingerprinting" under the nmap utility might also be useful for network OS profiles. An interesting list of hosts in an Oracle environment can be obtained from an "Onames" server with:
namesctl dump_tnsnames list.txt
Remove the hostnames from the output and call the script thus (STDERR is noisy and is ignored below):
/path/to/bannerscan.bash < hostlist.txt 2>/dev/null

createdb8i.sql

Create an 8i database using LMTs for everything (including rollback). This script must be edited (change SID, datafile locations). The init.ora must also have "compatible = 8.1.0" to use these features.

createdb9i.sql

Create a 9i database. This script must be edited (change SID, datafile locations). The init.ora must also have UNDO settings in place (undo_management=auto, undo_tablespace=undo, undo_retention=86400), and the "compatible" parameter must be set to at least "9.0.0" ("9.2.0" may be a better choice).

createdb10g.sql

This has all the features of the 9i creation script above, plus it creates the new, mandatory SYSAUX tablespace.

standby-delay.ksh

This script applies archived logs to a standby server only after they are 12 hours old, then moves the used log to a separate directory. Allows you to "alter standby database open read only" and examine your data from 12 hours in the past (which is useful if you cannot flashback because you aren't using UNDO). The logs must be in chronological order - if a log is transfered without preserving the file modification time, the script will not apply it properly, requiring manual intervention.

security.sql

Helpful security steps, gained from past exposure to audits and automated security scanners.

to_number_force.sql

Oracle's to_number function returns ORA-01722: invalid number upon finding non-numeric characters in a string. This function will return NULL when such characters are found, and otherwise will perform the to_number.

LinuxUserReset.sh

Script for root to set a user's account to a random password and force a password change at first login (similar to /usr/lbin/modprpw -x from HP-UX).

spliceORACLEwithSQLSERVER.gawk

Script to combine data from MS SQL Server and Oracle. Requires a login shell capable of "here documents" in the Bourne style (tricky on Windows). Uses separate delimiter styles, and reads all contents into memory for gawk-style sorting (not appropriate for large result sets).

SQLSERVERgettab.php

Script to extract and cleanly display a table from a CTLIB server, such as Microsoft SQL Server or Sybase Adaptive Server/Enterprise. The table needs at least one row of data to display properly.

flac2mp3.awk

Convert FLAC files to mp3 format. This assumes that you have all album tracks with no gaps. For DOS/Windows users, make sure the paths to the flac and lame binaries are correct, then pipe a sorted list of the FLAC files to the script, like so:
dir /b *.flac | gawk -f flac2mp3.awk "Name of Artist" "Title of Album"