Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: April 2008

Recent slate of IIS attacks - more info

The recent slate of attacks on IIS servers don't seem to be an attack directly against IIS or against SQL Server itself. In other words, they aren't going after vulnerabilities in the server product (either one). Rather, the attacks are targeting weaknesses in the web application which permit SQL Injection… Read more

Charlotte SQL Server User Group Link Wrong at HQ Site

If you're looking for the Charlotte SQL Server User Group web page, the link on the PASS HQ site is wrong. The PASS HQ site directs you here:

 http://www.sqlsig.org/

That's the site for the Detroit Area SQL Server User Group. The correct link is:

http://www.charlotte-sql.org/

I know the president… Read more

Heroes Happen Here Charlotte, NC Launch Tomorrow (April 8, 2008)

The Heroes Happen Here launch event for Charlotte, NC is tomorrow. It looks like there are still registration slots open:

Heroes Happen Here Registration

This is the launch event for SQL Server 2008, Visual Studio 2008, and Windows Server 2008. There will be a Professional Association for SQL Server booth where… Read more

SQL Compare 7 Beta

Red Gate's schema comparison tool, SQL Compare, is in beta for the newest version, SQL Compare 7. You can find details and a link to download here:

Red Gate Forums: SQL Compare 7 Beta 

This version does include support for SQL Server 2008 (through CTP 6). The beta… Read more

SQL Server Forensics Book

I logged into Safari today to download some chapters I want to be able to review when I'm offline. I saw in the new titles there's a forthcoming book called SQL Server Forensics Analysis and it's by one of my co-authors from How to Cheat at Securing SQL Server 2005 Read more

Jacksonville SQLSaturday less than a month away!

The SQLSaturday in Jacksonville, Florida, will be held May 3, 2008. I'm on track now to give two security based presentations:

  • Protecting Your SQL Server From Treasure Seekers: This presentation is geared for system administrators, DBAs, and developers and covers the "low-hanging fruit" of keeping SQL Server and the…

Read more

Installing 5.0.51a MySQL Community Edition on Windows Vista

I'm still working on getting all of my tools and apps onto my new laptop, which is running Vista Ultimate. I downloaded the latest version of MySQL Community Edition and proceeded to install it. I didn't consider the effects of User Account Control (UAC) on the installation. I should have,… Read more

Changing Dynamics on a Project Team

MVP Andy Leonard has written a nice post about how the dynamics changed on a project team. Most of it centered around a PM who overstepped his role and then played the usual game to cover his own shortcomings. However, said PM straightened up, albeit after a contentious meeting which… Read more

Presenting at Jacksonville SQLSaturday in May

Looks like my family and I will make the trek down to Jacksonville in May for SQLSaturday. One of my submitted presentations was selected, Trigger Happy Database Security. It'll focus primarily on the use of triggers to audit and manage SQL Server, to include DDL and logon triggers.… Read more

Midlands PASS Chapter Meeting - April 3, 2008

This is a meeting reminder about our next PASS meeting scheduled for April 3, 2008. It will once again be held at Training Concepts. We’ll start the meet and greet at 6:15 PM and look to get rolling into the actual meeting by 6:45 PM at the latest. If… Read more

Vulnerability announcements coming for Windows products

I'm a little late on this one, but Cesar Cerrudo has announced he's going to demonstrate exploits to Windows Server 2008, IIS 7.0, and SQL Server at the Hack in the Box conference in Dubai:

Windows Server 2008, Still not totally secure 

The Windows Server 2008 exploits appear… Read more