THE SQL Server Blog Spot on the Web

Welcome to SQLblog.com - The SQL Server blog spot on the web Sign in | |
in Search

Browse by Tags

All Tags » Security   (RSS)
Showing page 2 of 9 (82 total posts)
  • Server level permissions for developers–why you should read books

    It is quite difficult recently for me to find some time to write a new post, so I don’t seem to be leading the rankings of the most frequent bloggers. I rarely recently have opportunity to lay my hands on the code too, so natural sources of ‘inspiration’ are less often. Hopefully this will change in 2012 and I will have more opportunities to write ...
    Posted to Piotr Rodak (Weblog) by rodak.p@gmail.com on January 1, 2012
  • Should All Data Be Encrypted By Default?

    Recently several IT industry information outlets have reported that there has been a 10-year concentrated, organized effort on breaking through computer security at some of the largest companies in the world. Government sites have also been attacked in multiple countries. Add to this the regular loss of data by banking and other industries, and ...
    Posted to Buck Woody (Weblog) by BuckWoody on August 9, 2011
  • Microsoft Document Watch for Operational Excellence

    Back when my day-to-day duties included database administration work and enterprise architecture, I became rather obsessed with the idea of operational excellence. I read everything I could on the topic. I made a list of favorites, which became somewhat shabby over time, as I dog-eared important pages and scribbled notes in the margins. ...
    Posted to Kevin Kline (Weblog) by KKline on August 8, 2011
  • Think Your Windows Administrators Don’t Have Access to SQL Server 2008 by Default? Think Again.

      We had an email thread at work where someone was asking for assistance with an unknown sa password on a SQL instance on a new laptop. “No big deal” – I said to myself – “You can reset the sa password by starting SQL in single-user mode” (If you haven’t heard about this, have a look here). And then I started thinking – but what if this ...
    Posted to Argenis Fernandez (Weblog) by Argenis on July 10, 2011
  • More information on the Patch Tuesday updates for SQL Server

    Last week, Microsoft released a series of patches for all supported versions of SQL Server (from SQL Server 2005 SP3 all the way to SQL Server 2008 R2). The reason for the patch against SQL Server installations is largely a client-side issue with the XML viewer application, and for SQL Server specifically, the exploit is limited to potential ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on June 19, 2011
  • Security updates for all supported versions of SQL Server

    It's patch Tuesday! [UPDATE June 19 : Please see my follow-up post about this security update.]  Today Microsoft released a security bulletin covering several issues that could potentially affect SQL Server; these exploits include remote code execution, denial of service, information disclosure and elevation of privilege. You should test ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on June 14, 2011
  • Case Study: Secure Log Shipping via SSL FTP

    Today I’m putting up sort of an oddball solution I build a couple of months ago. We had the need to provide a reporting copy of some production databases for analysts to do ad-hoc reporting. The trick was that we needed to move the databases from a less secure location into a more secure location, with an untrusted domain boundary and a firewall ...
    Posted to Merrill Aldrich (Weblog) by merrillaldrich on May 19, 2011
  • If you disable the guest user, please read this!

    As a matter of security, it is typically recommended to disable the guest user account across your user databases. For system databases, of course you have a tough time disabling guest access for tempdb and master, which are peripherally required for a lot of different types of activity. You have probably felt quite confident in disabling guest ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on April 29, 2011
  • Online Password Security Tactics

    Recently two more large databases were attacked and compromised, one at the popular Gawker Media sites and the other at McDonald’s. Every time this kind of thing happens (which is FAR too often) it should remind the technical professional to ensure that they secure their systems correctly. If you write software that stores passwords, it ...
    Posted to Buck Woody (Weblog) by BuckWoody on December 14, 2010
  • SQL Server v.Next (Denali) : More on contained databases and "contained users"

    One of the reasons for contained databases (see my previous post) is to allow for a more seamless transition when moving a database from one server to another.  One of the biggest complications in doing so is making sure that all of the logins are in place on the new server.  Contained databases help solve this issue by creating a new ...
    Posted to Aaron Bertrand (Weblog) by AaronBertrand on December 10, 2010
< Previous 1 2 3 4 5 Next > ... Last »
Powered by Community Server (Commercial Edition), by Telligent Systems
  Privacy Statement