Christopher Lawson's Blog, page 3

WAITING ON GOD answers the question, "Why God doesn't seem to answer my prayers?" Charles Stanley admits that it is a challenge to wait on God. "It's the ability to keep hoping when the numbers of life bombard us."  First of all, keep your focus steady:

"There is absolutely nothing more important than keeping your focus on God rather than dwelling on your circumstances."

This book offers hope for the believer facing dark times. Dr Stanley reminds the reader that "The father has an awesome plan for you--purposes that are fantastic, perfectly suited for you--and that will give ultimate meaning to your life."  

He gives a touching example of his granddad, whose plans seemed to be amiss. Grandad kept praying, "Lord, you called me to preach and know how much money I need for a tent. This is the best I can do, but I know you can help me. Father, please show me what to do." Later, the granddad would receive an a surprising gift of 300 one-dollar bills exactly what he needed for his ministry.

Dr Stanley points out that we sometimes have to wait.

"Waiting is sometimes necessary for you and me as well. Learning to be directed by God's timing and wisdom not our agenda is one of the most important lessons we ever learn as believers."

Dr Stanley notes that one of the most frequent questions he receives is, "How do I know what the Lord wants me to do with my life?" He lists 4 ways:

(1) The Bible is the first way: "The main way he reveals His purposes for you is always through scripture." 
(2) Secondly we have to seek the Lord's will through prayer. 
(3) Thirdly God uses circumstances to help us discern is well.
(4) Fourthly God expects us to seek godly counsel.

To help confirm God's will, the author suggests a 7 step process. For example, is it consistent with the Scriptures; and, is this a wise decision?

This book includes a wonderful story about the great philanthropist J.C. Penney and how we came to trust in God after a terrible financial set-back (stock market crash and the Great Depression.) J.C. Penney became a born again believer listening to the classic hymn, "God will take care of you."

WAITING ON GOD is an uplifting book--it's one that gives hope, thoroughly grounded in the Bible. This is also a practical book. For example, at the end of each chapter are some activities called points for active waiting.

For another excellent book by Dr Stanley, my favorite is, "Success, God's Way."

The Craziest Tip You Have Ever Seen

I bet this is the craziest tip you have ever seen. Performance tuning requires creativity and innovation. It’s not at all just a routine, drab job—it requires versatility and stepping into different roles. That’s why I like it so much.

Those not truly experienced in tuning tend to trivialize the process, frequently using trite phrases such as “add missing indexes” or “increase buffer cache.” This misunderstanding helps explain why relatively few DBAs become really good at performance tuning—their view of the task is simply too short-sighted.

If your solution set comprises only trivial solutions, you’re not going to excel in this field.

Here’s a tactic I use when I’m faced with an apparently unsolvable performance problem. I imagine that the problem is so critical that people will actually die if I don’t resolve the difficulty.

I imagine that the lives of people are actually in my hands.

A Bizarre Idea, but it Works! 

Yes, I admit this is a bizarre idea, but it actually works. If you can temporarily pretend that there are no limits, you’ll be amazed at the variety of solutions you can invent.

This sample tip from Chris's latest book is Wild Tip #4: Pretend Performance is a Matter of Life or Death! The Craziest Tip You Have Ever Seen

I bet this is the craziest tip you have ever seen. Performance tuning requires creativity and innovation. It’s not at all just a routine, drab job—it requires versatility and stepping into different roles. That’s why I like it so much.

[image error]

I love it!

Those not truly experienced in tuning tend to trivialize the process, frequently using trite phrases such as “add missing indexes” or “increase buffer cache.” This misunderstanding helps explain why relatively few DBAs become really good at performance tuning—their view of the task is simply too short-sighted. If your solution set comprises only trivial solutions like new indexes, you’re likely not going to excel in this field.

Here’s a tactic I use when I’m faced with an apparently unsolvable performance problem. I imagine that the problem is so critical that people will actually die if I don’t resolve the difficulty.

I imagine that the lives of people are actually in my hands.

 Yes, I admit this is a bizarre idea, but it actually works. If you can temporarily pretend that there are no limits, you’ll be amazed at the variety of solutions you can invent.

Introduction

DBSAT is an Oracle-provided command line tool that evaluates how securely your database is configured. DSAT considers such things as: user roles and entitlements, security policies, and security controls.  DSAT is an easy first step to help the DBA mitigate potential security risks on sensitive databases.  DSAT reports identify short-term risks so that the DBA and cyber-security team can implement a comprehensive security strategy.

In this article, we discuss:

DBSAT & its componentsImplementationReport outputHow to interpret the results.

DSAT in action

DBSAT has three components: Collector, Reporter, and Discoverer. Collector and Reporter work together to discover risk areas and produce a reports on those risk areas--the "Database Security Assessment Report." The Discoverer is a stand-alone module used to locate and report on sensitive data. This output is called the "Database Sensitive Data Assessment Report."

Implementation

First, create a database user who has all the required privileges to collect data in collaboration with DBSAT. Keep in mind that the Collector needs to execute on the server where database resides.

User Setup

grant create session to dbsat identified by oracle;
grant select on sys.registry$history to dbsat;
grant select_catalog_role to dbsat;
grant audit_viewer to dbsat; grant capture_admin to dbsat;
grant select on sys.dba_users_with_defpwd to dbsat;
grant select on audsys.aud$unified to dbsat; 

Installation

First, go to http://www.oracle.com/technetwork/database/security/dbsat.html and download the dbsat zip file. Copy it to your database server destination and simply extract the file dbsat.zip.

To install the Database Security Assessment Tool, perform these steps:

mkdir –p /home/dbsat/102
mv dbsat.zip /home/ dbsat/102/
cd /home/dbsat/102
unzip dbsat.zip
Excute DBSAT collector: ./dbsat collect dbsat/oracle@test_database oracle_db

The time it takes to complete depends on the hardware and the data that needs to be collected. A database that has thousands of users and roles might take hours to run. At the end of the process, you’ll be asked to provide a password twice.  Do not forget it as you’ll need it when running dbsat report.

A file named oracle_db.zip is created in the directory (/home/ dbsat/102). There is no need to unzip the file. DBSAT reporter will take either the json file (if –n was used) or the zip file.

DSAT Reporter

DBSAT Reporter will take as input the file generated by the collector (json or zip file). The Reporter and will produce one zip file containing three reports in different formats: HTML, spreadsheet, and text. 

It is a simple command to run Reporter:   ./dbsat report –a  oracle_db

DBSAT will prompt the user for one password--the same password used when running the collector. Another prompt will ask for password to protect the reports zip file. The results will be placed in a password protected zip file named orcl_hol_report.zip.

Report Findings

The report details the level of risk

• Pass: no error found
• Evaluate: needs manual analysis
• Some Risk: low
• Significant Risk: medium
• Severe Risk: high
• Opportunity: improve security posture by enabling additional security features.

Ten common findings from DSAT include:

No Database Security PoliciesNo patching/patch management policy in placeNo encryption of sensitive/regulated dataNo monitoring/auditing in placeOver-privileged accounts; No personalized accounts; NO SoDWeak/inexistent password policies; Weak password managementData sent in clear text to third partiesNo OS hardeningNo sensitive data anonymization in production to DEV/TEST/Training/etc.Sample schemas in production environments/Conclusion

If your Oracle database is not configured properly, you are giving easy access to hackers. Try the Database Security Assessment Tool and see what it finds in your databases. DSAT is totally free and quick to deploy. The tool supports database version from 10g onwards.

Introduction

DBSAT is an Oracle-provided command line tool that evaluates how securely your database is configured. DSAT considers such things as: user roles and entitlements, security policies, and security controls.  DSAT is an easy first step to help the DBA mitigate potential security risks on sensitive databases.  DSAT reports identify short-term risks so that the DBA and cyber-security team can implement a comprehensive security strategy.

In this article, we discuss:

DBSAT & its componentsImplementationReport outputHow to interpret the results.

DSAT in action

DBSAT has three components: Collector, Reporter, and Discoverer. Collector and Reporter work together to discover risk areas and produce a reports on those risk areas--the "Database Security Assessment Report." The Discoverer is a stand-alone module used to locate and report on sensitive data. This output is called the "Database Sensitive Data Assessment Report."

Implementation

First, create a database user who has all the required privileges to collect data in collaboration with DBSAT. Keep in mind that the Collector needs to execute on the server where database resides.

User Setup

grant create session to dbsat identified by oracle;
grant select on sys.registry$history to dbsat;
grant select_catalog_role to dbsat;
grant audit_viewer to dbsat; grant capture_admin to dbsat;
grant select on sys.dba_users_with_defpwd to dbsat;
grant select on audsys.aud$unified to dbsat; 

Installation

First, go to http://www.oracle.com/technetwork/database/security/dbsat.html and download the dbsat zip file. Copy it to your database server destination and simply extract the file dbsat.zip

To install the Database Security Assessment Tool:

Login to the database server as oracle home owner:

mkdir –p /home/dbsat/102

mv dbsat.zip /home/ dbsat/102/

cd /home/dbsat/102

unzip dbsat.zip

Excute DBSAT collector:

./dbsat collect dbsat/oracle@test_database oracle_db

The time it takes to complete depends on the hardware and the data that needs to be collected. A database that has thousands of users and roles might take hours to run. it might take between 2 to 5 minutes. At the end of the process, you’ll be asked to provide a password twice, please do not forget it as you’ll need it when running dbsat report.

A file named oracle_db.zip is created in the directory (/home/ dbsat/102).
There is no need to unzip the file. DBSAT reporter will take either the json file (if –n was used) or the zip file.

Analyze Results

DBSAT reporter will take as input the file generated by the collector (json or zip file) and will produce one zip file containing three reports in different formats: HTML, spreadsheet, and text.  Execute dbstat ti collect data from the database.

./dbsat report –a  oracle_db

DBSAT will prompt the user for one password – the password used when running the collector so it can unzip the file – followed by another password prompt that will be used to protect the reports zip file, plus the password confirmation.
end up with the results of the analysis inside a password protected zip file named orcl_hol_report.zip.
 unzip the file to assessment the reports  unzip orcl_hol_report.zip.

Analyze the generated report – the reporter provided analysis in the form on “findings”. For each findings , we can find below informations.

Unique ID for the Rule The ID has two parts: the prefix identifies the report section, and the suffix identifies the specific rule.
» Status You can use the status values as guidelines for implementing DBSAT recommendations. They can be used to prioritize and schedule changes based on the level of risk, and what it might mean to your organization. Severe risk might require immediate remedial action, whereas other risks might be fixed during a scheduled downtime, or bundled together with other maintenance activities.

• Pass: no error found
• Evaluate: needs manual analysis
• Some Risk: low
• Significant Risk: medium
• Severe Risk: high
• Opportunity: improve security posture by enabling additional security features and technology. Opportunity for Improvement.

The Top 10 findings from running Database Security Assessments :

1. No Database Security Policies / Strategy in place
2. No patching/patch management policy in place
3. No encryption of sensitive/regulated data
4. No monitoring/auditing in place
5. Over-privileged accounts; No personalized accounts; NO SoD
6. Weak/inexistent password policies; Weak password management
7. Data sent in clear to third parties
8. No OS hardening
9. No sensitive data anonymization in production to DEV/TEST/Training/etc.
10. Still some sample schemas in production environments out there

Challenge

If database is not configured properly and provide easy access to hackers .Before hackers identified the loopholes to exploit and access your database, how you will identify them as well.
It’s now time to move to the Database Security Assessment Tool and find out how it could help to identify misconfigurations, users, roles, privileges and the overall security status. .

Conclusion

Its reduce risk exposure through best practices. There is no need to provide additional cost to Oracle support, its totally  free and quick to deploy. This tool supports database version 10g to 18c. I can it’s user friendly tool which assess the present security position of database before exposing to the hackers & clever enough to identify sensitive data to determine risk and appropriate security controls.

In HOW LUCK HAPPENS, authors Janice Kaplan and Barnaby Marsh take a deep look at events that people often ascribe to “luck.” The authors argue that most of these situations happen not because of chance, but because of specific human actions—which might not be so obvious at first.

For example, the seemingly fortunate person might have been incredibly persistent despite numerous failures. Thomas Edison is cited as such an example: “Many of life’s failures are people who did not realize how close they were to success when they gave up.”

Another path to luckiness is developing lots of connections:

“People who know how to play the networking game often end up looking like the luckiest ones around. . . What appears to the outside world as random luck often comes from networking behind the scenes.”

The authors cite the power of observation as another factor that makes one lucky.  Those who can spot clues have an advantage:

“We get lucky when we know where we want to focus—or which possibilities we want to fire up."

I thought the most useful chapter was Chapter Five, “Connect to The Power of Other People.” If you have lots of contacts, you will appear lucky. So,

“Talk to the guy next to you on the plane . . . Give luck to get luck. . .. Rely on the strength of weak ties. . .. Go to every party.”

Making connections

In Chapter Five, do not miss the discussion on “the strength of weak ties.” In the entire book, I thought this point was the most outstanding. When you are trying to get a job (for example), your closest network knows the same people as you do, so these connections are not too useful.  It’s in your most distant connections, your “weak ties,” where the benefit happens:

“Connecting with them opens up a whole new community of possibilities—and because each new person is connected to many others, your possibilities are suddenly vastly larger.”

So, all in all, I found HOW LUCK HAPPENS to be an interesting, inspiring book, with tons of useful observations.  I had not made the connection between “luck” and connecting with people before-that was an especially useful point.  I was not so keen on the format of the book; it’s like “storytelling,” where the author quotes from her conversations with experts in the field. Nevertheless, there are many excellent ideas in this book—especially that point about “strength of weak ties.” I now realize that I must develop more connections. I guess that means I must start going to lots more parties.

Tough job, but somebody has to do it

 

How Luck Happens by Janice Kaplan and Barnaby Marsh

THE ROCK THE ROAD AND THE RABBI is a unique book.  At first, I wondered if it would be all that interesting, but it is! Whilst reading this book, I kept on thinking, “Hey, I want to go on that tour!”  

The reason that Kathie Lee Gifford wrote this book, is that it goes to the heart of what she values most.  This land is the land of the Gospel:

“I believe with all my soul that the answer to every question any person will ever ask is hidden in that land and in the Word of God.”

The author takes the reader to many famous Biblical places.  Then, with the help of two Bible experts, Rabbi Jason Sobel and Ray Vander Laan, she explains what happened here in Biblical times.  The two theologians do a good job of setting the stage, and explaining the meaning of the Biblical passage.

In my favorite chapter, we visit the Valley of Elah, where David killed Goliath. Here, the author and her late husband each pick up a stone.  The question for them is,

“What is your stone? What is your gift? What is the one thing that you can do that no one else can do but you?”   

And that’s how the book works.  We visit the scenes of the Bible, we get an expert explanation of the passage, and also a practical lesson.

In visiting the places where Jesus lived, the guides discuss how people lived at that time I was flabbergasted to hear that a more accurate translation of Jesus’ occupation was “stone mason,” not carpenter!  This fits the Bible narrative well, since “Jesus is the promised master craftsman and architect of creation who brings order out of chaos and shalom to our lives.”

The author sums up her book with this challenging word of encouragement:

“I encourage you to find your stone and throw it at the chaos of this world. Serve the living God and find your purpose in Him.”

Nicely said!  When does the next tour leave?

 

 The Rock, the Road, and the Rabbi by Kathie Lee Gifford

You must applaud anyone who invents the word, “Deslobification.” In DECLUTTERING AT THE SPEED OF LIFE, author Dana K. White explains how to develop a lifestyle of decluttering. She knows how to do this, from personal experience. She admits that,

“Pre-deslobification process, I was overwhelmed by my entire home.” 

A central point of decluttering is the concept of what a “container” is supposed to do. It’s supposed to “contain” and therefore, LIMIT what can be stored. For example, if you understand that your house is a container, then you can begin limiting what is in that “container,” and make room for your family.

Ultimately, the author was able to get rid of her short-lived project to learning welding:

“I Decluttered 67 Lbs. Of Rusty Metal.”

One important guideline is what Dana calls the “Visibility Rule.”  The idea is, to inspire yourself, by starting with the areas that give the biggest visual payback.

Another tip I really liked was to “establish a donate spot.”  Everyone in the household knows where to take the stuff.  (We already use that idea in our house, and it works well.)

There is an entire chapter on how to mix decluttering and your family. The author treads carefully here!  She wisely notes, “You cannot control another person.”  In her home, she happened upon a good tactic, which worked well. She gave her spouse a container to encourage him to declutter—and it worked!  Her husband’s outlook on clutter changed, and “his grip on the things I thought he’d never give up loosened.”

So, all in all, I found DECLUTTERING AT THE SPEED OF LIFE to be a fun, informative read.  Of course, not all the chapters were equally valuable, but I found many of the tips and concepts helpful.  Dana K. White is a brave woman to talk about getting your spouse onboard. Plus, any writer who invents the word, “Deslobification” deserves a good review.

Decluttering at the Speed of Life by Dana K. White

 

That’s right--it’s important to eat a wide variety of veggies, especially the odd ones! Forgot those common veggies you see at the market. Instead,

“Eat all the strange, weird, and unpopular veggies instead of the boring, all-too-common ones.”

If you find some strange sea vegetable from Japan, eat it!

Practical note: As a result of reading this book, I will be planting a garden full of zany, healthy vegetables. I’m really looking forward to putting the ideas in this book into action!  (You don’t have to agree with all his points to realize the value of fresh, wholesome vegetables.)

Eating unusual veggies is just one of the fun tips that Dr. Mark Hyman presents in, FOOD: WHAT THE HECK SHOULD I EAT?  The author covers some of the hottest topics in diet research, and explains what we’ve gotten wrong.  

Readers familiar with Dr. Hyman’s work will recognize his passion on overuse of sugar. He notes that many health organizations recommend limiting sugar to 10 percent of the daily calories.  Alas, the typical American child eats 3-times that amount. One good change is to limit sugary fruit juice. So, skip the O.J., and “Eat the orange instead.”

RESEARCH JUST IN:

A study too late for the authors to include: Stanford University/NIH Study of 609 dieters concluded that either a low-fat or a low-carb diet has similar benefit—as long as the food is HEALTHY. The head researcher notes:

“Eat less sugar, less refined flour and as many vegetables as possible. Go for whole foods, whether that is a wheatberry salad or grass-fed beef.” 

Wow—these recommendations sound very similar to Dr. Hyman’s recommendations.

Dr. Hyman notes that eating meat does not really lead to obesity and heart attacks. One reason studies have claimed that, is that people who eat a lot of eat have OTHER bad habits that do indeed cause health problems. To support his point, Dr. Hyman cites one summary of 53 studies, which found that high-fat diets achieved superior weight loss. Also, a comprehensive study “found no link between saturated fat consumption and heart disease.”   Yet another large study found “no difference in mortality between vegetarians, pescatarians, and meat eaters.”

At first, I found the conflicting conclusion about meat bewildering, but in turns out that his dietary recommendations are very similar to the “limit meat” camp.  The doctor recommends big platefuls of colorful vegetables—with only a little meat:

“Vegetables should take center stage, and meat should be the side dish.”

Not his first choice

Here’s what surprised me--I discovered I was woefully ignorant about modern fruits and vegetables. Modern fruits and veggies do not have great nutritional content, compared to less refined produce. We have “bred our produce to be sweeter, less colorful, and less nutritious. . . We’ve taken our wild plants— vegetables and fruit— and stripped them of their best qualities.” 

Here is my #1 surprise: A wild crabapple has “100x more cancer- and inflammation-fighting anthocyanins than the Golden Delicious variety found in supermarkets.”  What? How did I not know that?  Ditto for berries:

“Wild blueberries have dozens of times more phytonutrients than domesticated berries.”

Okay, I totally confess I had no idea about the nutrition of more wild produce compared to modern produce.  I am VERY surprised. 

So all in all, I found FOOD to be a helpful book, with tons of great ideas. I realize that I am chugging down way too much sugar (I love ice cream and pies!) I found the chapters on veggies and fruit the most helpful, as I just didn’t realize how modern fruits and vegetables have so much less nutrition than less refined varieties.  Excellent information!

Finally, realize that there is a LOT of material in this book, and it can be a little overwhelming.  Fortunately, the doctor writes well, and I found his points easy to follow. After presenting each topic, Dr. Hyman summarizes, ”What The Experts Got Right, ”What They Got Wrong,” and “What We Still Don’t Know For Sure.” I liked his succinct summary of the issues, and especially appreciate the author telling us where the science is not really settled.
 

Grow your own!

Food: What the Heck Should I Eat? by Dr. Mark Hyman

That’s right--it’s important to eat a wide variety of veggies, especially the odd ones! Forgot those common veggies you see at the market. Instead,

“Eat all the strange, weird, and unpopular veggies instead of the boring, all-too-common ones.”

If you find some strange sea vegetable from Japan, eat it!

Practical note: As a result of reading this book, I will be planting a garden full of zany, healthy vegetables. I’m really looking forward to putting the ideas in this book into action!  (You don’t have to agree with all his points to realize the value of fresh, wholesome vegetables.)

Eating unusual veggies is just one of the fun tips that Dr. Mark Hyman presents in, FOOD: WHAT THE HECK SHOULD I EAT?  The author covers some of the hottest topics in diet research, and explains what we’ve gotten wrong.  

Readers familiar with Dr. Hyman’s work will recognize his passion on overuse of sugar. He notes that many health organizations recommend limiting sugar to 10 percent of the daily calories.  Alas, the typical American child eats 3-times that amount. One good change is to limit sugary fruit juice. So, skip the O.J., and “Eat the orange instead.”

Not his first choice

Dr. Human notes that eating meat does not really lead to obesity and heart attacks. One reason studies have claimed that, is that people who eat a lot of eat have OTHER bad habits that do indeed cause health problems. To support his point, Dr. Hyman cites one summary of 53 studies, which found that high-fat diets achieved superior weight loss. Also, a comprehensive study “found no link between saturated fat consumption and heart disease.”   Yet another large study found “no difference in mortality between vegetarians, pescatarians, and meat eaters.”

At first, I found the conflicting conclusion about meat bewildering, but in turns out that his dietary recommendations are very similar to the “limit meat” camp.  The doctor recommends big platefuls of colorful vegetables—with only a little meat:

“Vegetables should take center stage, and meat should be the side dish.”

Grow your own!

Here’s what surprised me--I discovered I was woefully ignorant about modern fruits and vegetables. Modern fruits and veggies do not have great nutritional content, compared to less refined produce. We have “bred our produce to be sweeter, less colorful, and less nutritious. . . We’ve taken our wild plants— vegetables and fruit— and stripped them of their best qualities.” 

Here is my #1 surprise: A wild crabapple has “100x more cancer- and inflammation-fighting anthocyanins than the Golden Delicious variety found in supermarkets.”  What? How did I not know that?  Ditto for berries:

“Wild blueberries have dozens of times more phytonutrients than domesticated berries.”

Okay, I totally confess I had no idea about the nutrition of more wild produce compared to modern produce.  I am VERY surprised. 

So all in all, I found FOOD to be a helpful book, with tons of great ideas. I realize that I am chugging down way too much sugar (I love ice cream and pies!) I found the chapters on veggies and fruit the most helpful, as I just didn’t realize how modern fruits and vegetables have so much less nutrition than less refined varieties.  Excellent information!

Finally, realize that there is a LOT of material in this book, and it can be a little overwhelming.  Fortunately, the doctor writes well, and I found his points easy to follow. After presenting each topic, Dr. Hyman summarizes, ”What The Experts Got Right, ”What They Got Wrong,” and “What We Still Don’t Know For Sure.” I liked his succinct summary of the issues, and especially appreciate the author telling us where the science is not really settled.