Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: June 2008

Off-Topic: Microsoft Marketing

I saw a blog post by Robert Hensing talking about Microsoft's new GPS product and its very uncreative name. This is related to a conversation some co-workers and I were having today. We were trying to think of when Microsoft marketing had a really big success on the product front.… Read more

Avoid Domain Admin level accounts for SQL Server

Every so often I see a post in the forums where someone has stated they've used a Domain Admin level account to run the SQL Server service. The implications are that anyone who is a member of the sysadmin fixed server role is effectively a domain admin. That means if a developer is a… Read more

How to Do and Not Do Customer Support

I recently purchased a Dell XPS M1530 laptop for use both for professional work (consulting & presentations) and ministry (mostly presentations). Yesterday, as I was at home recovering from a back injury, I noticed that some files were closing a little slower than I remembered. So naturally I checked the… Read more

Data Loss Mailing List and Database

The folks at attrition.org have been stalwarts in providing information to the security community for ages, it seems. I first discovered them via their defacement mirror, which they ceased maintaining long ago because site defacements became so common there was no point. About three years ago they began actively tracking… Read more

Security by Obscurity?

Andy Warren points to a TechNet article about Security by Obscurity and wanted me to post some notes. Let's start with the example they used.

Rename the Administrator account:

I agree with Roger's take. We intentionally rename the administrator account because it does stop the malware and scripts. We intentionally… Read more