Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: October 2011

Webinar on SQL Server Security on November 3, 2011

I have the privilege of being able to give a webinar next Thursday, November 3, at 11 AM EDT. It will be through Quest's Experts' Perspective series. You can register here:

Experts' Perspective Webcast: Building a Bulletproof Security Strategy for SQL Server

In this webinar I'll be discussing how to… Read more

Understanding Kerberos, Part III

Welcome back to both our Kerberos coverage and to another topic for SQL University's Security and Auditing Week. In today's lesson we're going to cast some light on what is likely the most used tool in managing Service Principal Names (SPNs) for Kerberos: SETSPN. If you're not familiar with… Read more

0 comments, 8,570 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 28 October 2011

SQL University: SQL Agent Jobs That Run at SQL Agent Start

Welcome to Security week at SQL University. I apologize for the late start. However, if you want to do some related reading from last week, take a look at the Kerberos series I started:

The reason I point out the Kerberos… Read more

0 comments, 2,277 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 27 October 2011

Understanding Kerberos, Part II

The majority of the time, the problems I see with Kerberos are due to a bad SPN (Service Principal Name) configuration. So in this post we'll talk about what an SPN contains and how it should look. An SPN contains several pieces of information:

  • The service identifier (this is MSSQLSvc…

Read more

0 comments, 3,307 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 18 October 2011

Understanding Kerberos, Part I

A get a lot of questions where I work about Kerberos and how it works for SQL Server, whether we're talking about the database engine or Reporting Services. I also see it quite a bit on Twitter. This is a series of posts that looks to explain Kerberos in more… Read more

6 comments, 3,477 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 17 October 2011

Speaking at the 2011 Carolina Technology Conference

On Tuesday, October 18, 2011, I will be speaking at the Carolina Technology Conference in Columbia, SC. I'm scheduled for the 3:30-4:20 PM slot, meaning about a 40-45 minute presentation on database security. While I will focus primarily on Microsoft SQL Server security, I will approach database and data security… Read more

2 comments, 1,049 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 14 October 2011

Cloud? Chotto Matte Kudasai.

If you're not familiar with Chotto matte kudasai, it means "A moment, please," in Japanese. The cloud is big news. It is big news at the PASS Summit. It has been big news for quite some time. Folks are pushing hard to get you into the cloud. However, there… Read more

A Disturbing Trend: Government Sponsored Malware

It is understandable that nations may undertake operations against other nations. This is believed to be the origin of StuxNet after all. What is more disturbing is when a government will use malware against its own citizens, as discoveredin the last couple of weeks in Germany. What is especially disturbing… Read more

Piiiiiiiigs, er DBAs, in Space!

If you don't get the reference, it was a set of skits on the old Muppet Show and it starred these guys and Miss Piggy. It was always a riot, full of great puns, and one of my favorite skit sets of all time. However, Red Gate's latest… Read more

Learn to Help Yourself

I used to work with a guy who was adamant that before you asked him for help, you had done the following:

Read more

1 comments, 1,014 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 11 October 2011

PASS Summit Attendees: Remember to Network and Maintain

Previously, when I had attended conferences, I had used them to attend as many seminars or talks as I could physically get to. Then one simple book laid out the problems with such an approach. The big thing to remember is that there are only going to be a few… Read more

0 comments, 1,126 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 10 October 2011

Advanced Persistent Threats and Us

In a blog post from last year, Richard Bejtlich (blog | twitter) talked about a concept called an Advanced Persistent Threat (APT). His discussion then centered on the Aurora attacks on Google and other firms. In a recent post, Richard covered a bit about his experience at a… Read more

Detecting Security Updates on Vista/Windows 7/2008/2008R2

When trying to detect whether updates have been installed or not, there were several places we investigated:

  • HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall
  • HKLM\Software\Microsoft\WindowsNT\CurrentVersion\HotFix
  • HKLM\Software\Microsoft\Updates

Some updates still write to these locations to enable detection and they should be looked for. For instance, SQL Server 2005 SP4 for the database engine will be found at:

HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\KB246332_SQL9 Read more

Two Great Talks on the State of Internet Security

Recently I've started following the public work of Mikko Hypponen (blog | twitter), the Chief Research Officer of F-Secure. I've known about and kept up with the announcements put out by F-Secure for a long time, but never focused in much on any one individual. That was… Read more