Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Regular Columnist: Brian Kelley

SQLServerCentral.com profile

Brian Kelley is an author, columnist, and Microsoft SQL Server MVP focusing primarily on SQL Server security. He is a contributing author for How to Cheat at Securing SQL Server 2005 (Syngress), Professional SQL Server 2008 Administration (Wrox), and Introduction to SQL Server (Texas Publishing). Brian currently serves as an infrastructure and security architect. He has also served as a senior Microsoft SQL Server DBA, database architect, developer, and incident response team lead.

   Items 1 to 20 of 42    Older >>
 

Stored Procedures and SQL Injection

Why do stored procedures help with security? In this piece, MVP Brian Kelley explains why SQL Injection and information gathering are hampered with stored procedures.  Read more...
By Brian Kelley 2013/02/18 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 11,591 reads

Restricting SecurityAdmin on SQL Server 2005/2008

Members of the securityadmin role can escalate to sysadmin rights. Here's how to restrict them back to 2000 levels.  Read more...
By Brian Kelley 2010/09/02 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 5,314 reads

Enabling the Dedicated Administrator Connection (DAC) in SQL Server Express

SQL Server Express has the same code base as the rest of the versions of SQL Server, but there are some differences in how to set it up and configure various tasks. MVP Brian Kelley shows us how to enable the Dedicated Administrator Connection.  Read more...
By Brian Kelley 2009/10/21 | Source: SQLServerCentral.com | Category: dac
Rating: |  Discuss |   Briefcase | 4,268 reads

Blocking Users by IP

SQL Server MVP Brian Kelley brings us a great new article that solves a problem that might help your security. In this short piece, we learn how we can use logon triggers to block users based on their IP address.  Read more...
By Brian Kelley 2013/11/08 (first published: 2009/03/09) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 32,734 reads

Using the Service Audit Object in SQL Server 2008

Brian Kelley looks at auditing in this article about SQL Server 2008 and the enhancements made in this version. The new Audit Object allows you to more easily determine what is happening on your SQL Server instance.  Read more...
By Brian Kelley 2008/12/18 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 2,919 reads

Configuring Kerberos Authentication

Longtime author Brian Kelley brings us a new article on security and Kerberos authentication in SQL Server.  Read more...
By Brian Kelley 2011/03/25 (first published: 2008/12/11) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 24,666 reads

SQL Response Review - New SQL Server Monitoring Tool

Red Gate's SQL Response is advertised as a low-impact SQL Server monitoring application with an intuitive interface. Given the advertising, I signed up for the SQL Response Release Candidate and took a look. I was pleasantly surprised with what I found.  Read more...
By Brian Kelley 2008/10/08 | Source: Red-Gate | Category: sql response
Rating: |  Discuss |   Briefcase | 4,583 reads

A Review of Typhon III

Maintaining SQL Server security is fast becoming a big part of a SQL Server DBA's job. Longtime security expert Brian Kelley takes a look at a security scanner: Typhon III   Read more...
By Brian Kelley 2007/02/05 | Source: SQLServerCentral.com | Category: product reviews
Rating: |  Discuss |   Briefcase | 5,731 reads

SQL Server 2005 Logins

Security was a major focus of SQL Server 2005 during its development, both in terms of making the product secure as well as enhancing the options. Security expert Brian Kelley brings us a look at how the paradigm of logins has changed and what you need to look for in SQL Server 2005.   Read more...
By Brian Kelley 2008/04/11 (first published: 2006/07/05) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 116,953 reads

PromptSQL Review

Do you want intellisense for Query Analyzer? Many people would love this amazing enhancement that has long been available for Visual Studio users. It is now available as an add-in from PromptSQL and Brian Kelley reviews this amazing product.   Read more...
By Brian Kelley 2006/01/18 | Source: SQLServerCentral.com | Category: product reviews
Rating: |  Discuss |   Briefcase | 10,180 reads

Securing SQL Backups

SQL Server does many things very well, but securing itself is not one of them. While securing your server requires some effort, there is an area that many people forget. Securing your backups! Brian Kelley, our resident security expert, brings some advice and ideas for ensuring your data will not be stolen.   Read more...
By Brian Kelley 2005/03/21 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 8,757 reads

Review - Apex SQL Edit

SQL Server includes Query Analyzer as a client editing tool for T-SQL code. It's a great tool, but it does have a number of shortcomings. Apex SQL has released an editor that includes a number of features missing in Query Analyzer. Read this review by Brian Kelley.   Read more...
By Brian Kelley 2004/11/08 | Source: SQLServerCentral.com | Category: product reviews
Rating: |  Discuss |   Briefcase | 7,652 reads

PASS Summit 2004

Our resident SQL Server security expert, Brian Kelley, went with the SQLServerCentral.com crew to the 2004 PASS Summit in Orlando last month. He was kind enough to jot down a few notes on the conference for those of you that weren't there and are considering going next year.   Read more...
By Brian Kelley 2004/10/12 | Source: SQLServerCentral.com | Category: sqlservercentral
Rating: |  Discuss |   Briefcase | 4,132 reads

Review: Typhon III from NGSSoftware

Every shop with any sort of IT organization should be scanning for vulnerabilities and issues with their systems and SQL Server is no exception. Security software vendor has a tool that can scan and report on all your SQL Servers is an easy to use product called Typhon III. Our security expert Brian Kelley takes a look at this product.   Read more...
By Brian Kelley 2004/10/07 | Source: SQLServerCentral.com | Category: product reviews
Rating: |  Discuss |   Briefcase | 13,818 reads

Auditing with SQL Profiler

SQL Server includes a great auditing tool: Profiler. It's not the easiest tool to use, however, and it's one that takes some getting used to. Our resident security export, Brian Kelley looks at a simple example of using this tool to audit logins.   Read more...
By Brian Kelley 2007/04/20 (first published: 2004/09/01) | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 33,762 reads

SQL Server Auditing - Part 1

Our SQL Server Security expert, Brian Kelley, brings us the first part of a new series on auditing. Most of the auditing articles we've had are based on how you audit changes to data. Brian looks at auditing from the server itself, explaining the different levels of auditing built into SQL Server 2000.   Read more...
By Brian Kelley 2007/06/01 (first published: 2004/08/05) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 38,519 reads

SQL Server Security: Dealing with Anti-Virus Programs

Do you run an anti-virus product on your SQL Servers? After all, it's recommended, more and more, that you run anti-virus on ALL machines you have. There's just too much stuff running around out there. But putting this on a SQL Server creates some interesting issues. Our resident security guru, Brian Kelley, looks at some of the things you need to consider when deploying anti-virus products on your servers.   Read more...
By Brian Kelley 2004/05/13 | Source: SQLServerCentral.com
Rating: |  Discuss |   Briefcase | 22,690 reads

Review of SQL2K Resource Kit

Good enough for your bookshelf? This one meets that requirement for Brian, click the link to find out why.   Read more...
By Brian Kelley 2004/04/13 | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 8,893 reads

Review of ApexSQL Log

Brian has been busy lately helping us with content for our magazine (you have checked out www.sqlserverstandard.com haven't you?) but he's back this week with a great write up a new product that let's you read from the transaction log.   Read more...
By Brian Kelley 2004/02/18 | Source: SQLServerCentral.com | Category: administration
Rating: |  Discuss |   Briefcase | 10,354 reads

SQL Server Security: Fixed Database Roles

Brian is back with a new security article, this time working through the details of the fixed database roles. There are some important concepts here. In particular if you're not totally clear on the difference between dbo and db_owner, read this article.   Read more...
By Brian Kelley 2007/01/19 (first published: 2003/12/12) | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 60,381 reads
   Items 1 to 20 of 42    Older >>