Click here to monitor SSC
SQLServerCentral is supported by Redgate
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tag Security Rss

<< Newer    Items 41 to 60 of 908    Older >>
 

Default Endpoint Encryption

By Steve Jones 2015/05/21 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,219 reads

PCI Best Practices Guide for SQL Server DBAs

Tibor Nagy has put together some best practices to help SQL Server DBAs navigate the many different requirements around PCI compliance.  Read more...
By Additional Articles 2015/05/21 | Source: MSSQLTips.com | Category: best practices
Rating: (not yet rated)  Rate this |   Briefcase | 6,370 reads

How to Get SQL Server Security Horribly Wrong

It is no good doing some or most of the aspects of SQL Server security right. You have to get them all right, because any effective penetration of your security is likely to spell disaster. If you fail in any of the ways that Robert Sheldon lists and describes, then you can't assume that your data is secure, and things are likely to go horribly wrong.  Read more...
By Additional Articles 2015/05/13 | Source: SimpleTalk | Category: security
Rating:  Rate this |   Briefcase | 8,788 reads

Passively detect attempts to guess passwords

Review the error log for possible brute force or dictionary attacks on your SQL Server instance.  Read more...
By Daniel Brink 2015/05/08 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 2,397 reads

How to Recover a SQL Server Login Password

I will describe a simple method anyone can use to obtain lost password information for a SQL Server login.  Read more...
By Geoff Albin 2015/04/24 (first published: 2013/03/04) | Source: SQLServerCentral.com | Category: password cracking
Rating: |  Discuss |   Briefcase | 30,882 reads

The Opportunistic Hacker

Sometimes the crimes of opportunity might be the worst ones for our data.  Read more...
By Steve Jones 2015/04/14 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 200 reads

Stairway to SQL Server Security Level 7: Security Across Databases with Cross-Database Ownership Chaining

Sometimes you need to reach outside a database and access data and objects from multiple databases, which raises some security issues and increases the complexity of data access. In this stairway level, you’ll learn about cross-database ownership chaining so that you can reach across database boundaries securely.  Read more...
By Don Kiely 2015/04/08 | Source: SQLServerCentral.com | Category: stairway series
Rating: |  Discuss |   Briefcase | 2,656 reads

Source Code Security

The code you use may contain security information. Be extra careful in this case, especially when you use encryption.  Read more...
By Steve Jones 2015/03/31 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 111 reads

Secure Checks

By Steve Jones 2015/03/25 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,727 reads

Backing up from SETUSER

By Steve Jones 2015/03/19 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,948 reads

Move DB roles

This script will script the role members for all roles on the database.  Read more...
By Shanjan Sapra 2015/03/10 | Source: SQLServerCentral.com | Category: restore
Rating: |  Discuss |   Briefcase | 1,176 reads

Creating schemas

By Steve Jones 2015/03/03 | Category: administration
Rating: (not yet rated) |  Discuss |   Briefcase | 1,753 reads

Signing options

By Steve Jones 2015/02/20 | Category: t-sql
Rating: (not yet rated) |  Discuss |   Briefcase | 1,686 reads

Not Again!

By Steve Knox 2015/02/18 | Category: aggregates
Rating: (not yet rated) |  Discuss |   Briefcase | 2,409 reads

SQL Injection, Still?

We still have problems with SQL Injection. Steve Jones has a few thoughts on why.  Read more...
By Steve Jones 2015/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 275 reads

Master Key creation

By Steve Jones 2015/02/10 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,409 reads

Signing Procedures

By Steve Jones 2015/02/09 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,578 reads

Login options

By Steve Jones 2015/02/05 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,862 reads

Stairway to SQL Server Security Level 6: Execution Context and Code Signing

A fundamental way that SQL Server determines whether a principal has the permissions necessary to execute code is with its execution context rules. It’s all complicated by the possibility that a principal has permission to execute code but doesn’t have permission on the underlying objects accessed by the code, such as the data in a table. This stairway level will explore SQL Server’s execution context, ownership chains, and impersonation, as well as show you how you can control access to data via T-SQL code.  Read more...
By Don Kiely 2015/02/04 | Source: SQLServerCentral.com | Category: stairway series
Rating: |  Discuss |   Briefcase | 2,842 reads

Users , Roles and Logins

Useful script in cases where auditors would like to know roles for each user in each database of an instance as well as the status of associated logins.  Read more...
By Kenneth Igiri 2015/02/03 | Source: SQLServerCentral.com | Category: auditing
Rating: |  Discuss |   Briefcase | 2,544 reads
<< Newer    Items 41 to 60 of 908    Older >>
 
Tags
editorial (140)    
sql server 7 (105)    
administration (70)    
sql server 2005 (56)    
blogs (53)    
encryption (42)    
strategies (40)    
t-sql (36)    
editorial - ipod (25)    
editorial - wmv (25)    
editorial - mp3 (24)    
permissions (24)    
auditing (22)    
logins (20)    
miscellaneous (15)    
sql server 2008 (15)    
backup and restore (14)    
passwords (13)    
transparent data encryption (tde) (12)    
programming (11)    
roles (11)    
sql injection (11)    
sql server 6.5 (11)    
configuring (9)    
reporting services (ssrs) (9)    
software development (9)    
database design (8)    
role (8)    
stored procedures (8)    
best and worst practices (7)    
friday poll (7)    
grant (7)    
integration services (ssis) (7)    
sql agent (7)    
sql server 2008 r2 (7)    
user (7)    
database roles (6)    
database security (6)    
database weekly (6)    
sql server (6)    
stairway series (6)    
advanced querying (5)    
analysis services (ssas) (5)    
career (5)    
disaster recovery (dr) (5)    
hackers (5)    
news (5)    
schemas (5)    
secure programming (5)    
triggers (5)    
worst practices (5)    
active directory (4)    
authentication (4)    
biometrics (4)    
data retention (4)    
execute as (4)    
installation (4)    
legal issues (4)    
performance tuning (4)    
server roles (4)    
sql server 2000 (4)    
sql server 2012 (4)    
users (4)    
best practices (3)    
cloud computing (3)    
ddl triggers (3)    
dts (3)    
impersonation (3)    
kerberos (3)    
monitoring (3)    
other (3)    
principals (3)    
professional development (3)    
replication (3)    
service accounts (3)    
service broker (3)    
sql server express (3)    
sql university (3)    
surface area configuration tool (3)    
training (3)    
windows security (3)    
advanced (2)    
central management server (cms) (2)    
certificates (2)    
comparison (2)    
compliance (2)    
dac (2)    
database principals (2)    
databases (2)    
development (2)    
firewall (2)    
guest user (2)    
indexing (2)    
jobs (2)    
logon triggers (2)    
members (2)    
ownership (2)    
ownership chaining (2)    
patches (2)    
permission (2)    
policy based management (pbm) (2)    
powershell (2)    
privilege escalation (2)    
product reviews (2)    
profiler (2)    
rants (2)    
reviews (2)    
scripting (2)    
secure (2)    
service packs (2)    
setuser (2)    
sid (2)    
spn (2)    
sql server 2014 (2)    
sql server architecture (2)    
sql-dmo (2)    
survey (2)    
tcp/ip (2)    
tools (2)    
user defined function (udf) (2)    
xml (2)    
xsl (2)    
.net (1)    
access restriction (1)    
active directory groups (1)    
ad (1)    
ad groups (1)    
administrator (1)    
ado (1)    
aggregates (1)    
alerts (1)    
alias (1)    
always encrypted (1)    
analysis services (1)    
architecture (1)    
asymmetric keys (1)    
audit (1)    
automation (1)    
azure (1)    
azure sql database (1)    
bcp (bulk copy program) (1)    
broker security (1)    
browser service (1)    
bugs (1)    
c# (1)    
change db owner (1)    
cissp (1)    
cloud (1)    
code signing (1)    
conferences/user groups (1)    
configuration (1)    
connect any database (1)    
continuous integration (1)    
control server (1)    
create database (1)    
credentials (1)    
credit card numbers (1)    
cross-database ownership chaining (1)    
cryptography (1)    
data driven (1)    
data mining (1)    
data security (1)    
database mail (1)    
database master key (dmk) (1)    
database object permissions (1)    
database owner (1)    
database ownership (1)    
database permissions (1)    
database users (1)    
dbcc (1)    
ddl (1)    
default trace (1)    
deny (1)    
dimensions (1)    
distributed queries (1)    
dmk (1)    
dmv's (1)    
dynamic sql (1)    
endpoints (1)    
english query (1)    
eventdata (1)    
events (1)    
execution context (1)    
extended stored procedures (1)    
filestream (1)    
fixed server roles (1)    
general administration (1)    
grantee (1)    
grantor (1)    
hashbytes (1)    
hexadecimal (1)    
integrated security (1)    
job (1)    
linked server (1)    
list (1)    
logon trigger (1)    
maintenance (1)    
management studio (ssms) (1)    
microsoft sql server (1)    
msdb (1)    
networking (1)    
openxml (1)    
orphaned (1)    
orphaned user (1)    
orphaned users (1)    
parameter (1)    
pass (1)    
password (1)    
password cracking (1)    
patching (1)    
presenting (1)    
privacy (1)    
professional organization for sql server (1)    
proxy accounts (1)    
public (1)    
rename (1)    
report server (1)    
responsibilities (1)    
restore (1)    
revert (1)    
row-level security (rls) (1)    
sa (1)    
sanpshot (1)    
script (1)    
securables (1)    
security awareness (1)    
securityadmin (1)    
server principals (1)    
server_principals (1)    
sharepoint (1)    
sid mismatch check (1)    
smk (1)    
sp_cycle_errorlog (1)    
sp_msforeachdb (1)    
sql jobs (1)    
sql puzzles (1)    
sql server permissions (1)    
sql spackle (1)    
sqlrx (1)    
sqlservercentral (1)    
ssl (1)    
sspi (1)    
stored procedure (1)    
storing passwords (1)    
symmetric keys (1)    
sysadmin (1)    
system databases (1)    
system development life cycle (1)    
tabular model (1)    
today (1)    
trust (1)    
trustworthy (1)    
type (1)    
updategrams (1)    
upgrading (1)    
virtualization (1)    
visual basic 6 (1)    
vulnerability (1)    
windows (1)    
xp_logininfo (1)