November , 2004  

  In This Issue

All articles have been reprinted with the written consent of their respective authors.

Free Utilities

Tablespace Usage Script
By Andrew Simkovsky, Pipeline SYSOP

This script will help determine tablespace usage in a database. 

Click here for the script.
 
Oracle Administration

Resumable Import Sessions
By Karthikeyan Subramaniam, www.hpglobalsoft.com

It is very tough for a DBA to determine the size of the data that would get populated into each tablespace of the database when he/she imports the data from the dump file(s) given by another DBA. While importing from export dump files, DBAs used to be un sure if the import would succeed without any “lack of space issue” in the respective tablespaces, prior to the release of oracle 9i. To get rid of this issue, Oracle has introduced a method that enables the Import session to withstand for a stipulated time without terminating the session as such. This way, the DBA can skip the space related problems during the Import session.

Click here for the article.  
   

DB2

A Real-time Intrusion Prevention System for Enterprise Databases
 By Ulf T. Mattsson, Protegrity

Modern intrusion detection systems are comprised of three basically different approaches, host based, network based, and a third relatively recent addition called procedural based detection. The first two have been extremely popular in the commercial market for a number of years now because they are relatively simple to use, understand and maintain. However, they fall prey to a number of shortcomings such as scaling with increased traffic requirements, use of complex and false positive prone signature databases, and their inability to detect novel intrusive attempts. This intrusion detection system represent a great leap forward over current security technologies by addressing these and other concerns. 

This paper presents an overview of our work in creating a true database intrusion detection system. Based on many years of Database Security Research, the proposed solution detects a wide range of specific and general forms of misuse, provides detailed reports, and has a low false-alarm rate. Traditional database security mechanisms are very limited in defending successful data attacks. Authorized but malicious transactions can make a database useless by impairing its integrity and availability. The proposed solution offers the ability to detect misuse and subversion through the direct monitoring of database operations inside the database host, providing an important complement to host-based and network-based surveillance. Suites of the proposed solution may be deployed throughout a network, and their alarms man-aged, correlated, and acted on by remote or local subscribing security services, thus helping to address issues of decentralized management. Inside the host, the proposed solution is intended to operate as a true security daemon for database systems, consuming few CPU cycles and very little memory and secondary storage. The proposed Intrusion Prevention Solution is managed by an access control system, with intrusion detection profiles, with data item (column) access rates and associating each user with profiles. Further, the method determines whether a result of a query exceeds any one of the item access rates defined in the profile associated with the user, and, in that case, notifies the access control system to alter the user authorization, thereby making the received request an unauthorized request, before the result is transmitted to the user. The method allows for a real time prevention of intrusion by letting the intrusion detection process interact directly with the access control system, and change the user authority dynamically as a result of the detected intrusion. The method is also preventing an administrator impersonating a user of a relational database, which database at least comprises a table with at least a user password, wherein the password is stored as a hash value. 

Click here for the paper.  
Oracle Development

QNXO (Quality In, Excellence Out)
By Steven Feuerstein

Qnxo™ is an "active mentoring" product I have been building over the past year to help Oracle technologists avoid reinventing the wheel and to leverage high-quality code utilizing the latest features of PL/SQL and the Oracle database. Qnxo breaks new ground by acting as both a repository for domain expertise and a mechanism for delivering that expertise to you in a rapid, intuitive manner.

Everyone talks about reusing code. Qnxo makes it a practical reality by providing a searchable, customizable, extensible code repository. Everyone talks about design patterns. Qnxo allows you to create patterns with a simple Code Generation Markup Language, and then generate best-practice based code for your application-specific objects.

Qnxo is the ideal complement to Toad, SQL Navigator or any other PL/SQL IDE. Visit www.qnxo.com to find out more about Qnxo and download the 30 day trial.  

Have you written a Users Group paper or presentation that you would like to share with your colleagues around the world?  Send your paper to newsletter@quest-pipelines.com for possible publication in the Pipeline Newsletter.  If your article is accepted, it will be mailed to over 28,000 readers!
Microsoft SQL Server

Tuning SQL Statements on Microsoft SQL Server 2000
By Kevin Kline & Claudia Fernandez, Quest Software

This paper covers the basic techniques used to tune SELECT statements on Microsoft’s SQL Server 2000 relational database management system. We discuss the techniques available using Microsoft's graphical user interfaces provided in Microsoft SQL Enterprise Manager or Microsoft SQL Query Analyzer, as well as providing a brief overview of Quest Software's query tuning tools.

In addition to tuning methods, we'll show you several best practices you can apply to your SQL statements to improve performance. [All examples and syntax are verified for Microsoft SQL Server 2000.] After reading this paper, you should have a basic understanding of query tuning tools and techniques available with the Microsoft tool kit. We will cover a variety of querying techniques that improve performance and speed data read operations.

Click here for the paper .  

As the winner of the 2004 Microsoft Global ISV of the Year award, we'd like to make you aware of some exciting free training opportunities! Starting in January 2005, Microsoft will deliver a fast-paced week of training with at least 15 free WebCasts and, following, at least 1 WebCast per week focusing on specific developer topics for SQL Server 2005. Go to http://msdn.microsoft.com/SQL/2005Webcasts for all the details.

Everyone who attends a WebCast will receive a copy of the SQL Server 2005 Beta 2 Resource Kit and the Beta 3 Resource Kit when it ships. Also, the first 1500 people that watch 5 or more WebCasts will also receive a special, limited edition SQL Server 2005 WebCast T-shirt. Additionally, all WebCast viewers will be entered into a competition to win an XBOX, one for each day of the week. (see http://msdn.microsoft.com/SQL/WebcastRules.aspx)

Project Management Tips & Techniques
It is Important to Understand Your Project Start Date
Tom Mochal, www.tenstep.com 
Each month, Tom Mochal, President of TenStep, Inc. presents project management tips and techniques for planning and managing a project. TenStep, Inc. has a comprehensive, scalable project management process called TenStep (www.TenStep.com), as well as a project lifecycle process called LifecycleStep (www.LifecycleStep.com). Pipeline readers receive 20% off any TenStep or LifecycleStep purchase by entering the coupon code of "Pipeline" in their purchase.

One of the characteristics of a project is that there is a definite start and end date. This seems simple enough until you start to try to define exactly what these dates mean. There are no universally recommended standards for either date. In many respects, it depends on each organization and whether there are any implications for choosing one alternative over another. 

Click here for more information on project start dates .
 

News & Events

Free Webcasts
For detailed information on these free webcasts, please visit our News and Events page.

Tips of the Month
Oracle DBA Tip of the Month:  Using the V$SEGMENT_STATISTICS Dynamic Performance View
PL/SQL Tip of the Month:  Oracle 10g Bulk Bind Improvements
DB2 Tip of the Month:  Using AUTOCONFIGURE
SQL Server Tip of the Month: Configuring a Mail Profile for SQL Server
MySQL Tip of the Month: Place a Unique Constraint on an Existing Column
Puzzle

Interactive Crossword Puzzle: "Presidents"
 

 
1 Down - Oracle, for Example		 Test your knowledge with the Pipeline Newsletter's Monthly Crossword Puzzle. 

Click here to Play!
Regular Features

We love getting white papers, tips, articles, and code examples/archives from our readers around the world.  Send your submission to newsletter@quest-pipelines.com.  If your article is published, it will be mailed to over 28,000 subscribers.

Our mission at Quest Software - RevealNet Labs is to anticipate the daily responsibilities and challenges faced by database professionals.  Our products help thousands of people solve problems and implement solutions every day.  This newsletter is designed to help facilitate the sharing of information among database professionals.  

About the Newsletter

This newsletter is distributed to Quest Software - RevealNet Labs customers, prospects and friends who have subscribed to it from our website. If you would like to unsubscribe, please visit http://qlist01.quest.com/UnsubMailingList/

Subscribe a Friend!

Do you know someone who would like to receive the Pipeline Newsletter? If so, please enter their email address in the box below and click SUBMIT.
  
Subscribe to re:Quest, Quest's Quarterly newsletter with articles, new product announcements, success stories and much more.
 

Past Issues of the Pipeline Newsletter