Click here to monitor SSC
SQLServerCentral is supported by Redgate
Log in  ::  Register  ::  Not logged in

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: February 2012

Presenting Two Sessions at SQLRally

I just received great news that one of my sessions, Attacking SQL Server, was picked by the community for SQLRally. That means I'll have two presentations to give in Dallas!

Attacking SQL Server

Database Administration Track

It is a well-known maxim in warfare to know your enemy. In this… Read more

New Article: Exploiting SQL Server via CONTROL SERVER permissions

I have a new article up at MSSQLTips.com, covering what someone can do with CONTROL SERVER. Most folks know to look for changes in the sysadmin role, and knowing this, if I want to cover my tracks I don't want to give a login that membership. However, a lot of… Read more

1 comments, 1,475 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 27 February 2012

A Plea: Have your guidance documentation reviewed

Today one of my auditors sent me her matrix for auditing Microsoft SQL Server. I had seen part of it and some questions about some of the technical details I saw. In the email thread I discovered that some of it was taken from a guidance document from our professional… Read more

0 comments, 1,098 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 23 February 2012

Two Sessions Up for Vote at SQLRally!

I received great news last week that one of my sessions, Windows Operating System Internals for DB Pros, was accepted, meaning I will be making the trip to Dallas!

However, I also have two other sessions up for the community to vote on. They are:

Attacking SQL Server

Database… Read more

USB/Flash Drive Security

Gone are the days when remote drives were easy to detect because there was some size to them. Nowadays USB drives come in all form factors. And a lot are now built to not look like drives at all. For instance, here is one my wife picked up for less than $20… Read more

1 comments, 2,009 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 13 February 2012

See You at SQL Saturday!

I've been asked this question a few times, and Columbia, SC isn't hosting a SQL Saturday this year. Bobby Dimmick (blog | twitter) and I are looking to do something related to IT architecture because we see a gap there. We've had some real interest on this front,… Read more

Slides and Scripts from Idera February webcast

For those who've asked, here are the slides and scripts from my SQL Server auditing webinar with Idera:



If you weren't able to attend the original webinar, it is archived here.


  Read more

Webcast: Successfully Meeting Your Audits for SQL Server

Tomorrow at 3 PM Eastern I'll be giving a webcast in conjection with Idera and MSSQLTips.com:


Registration for Successfully Meeting Your Audits for SQL Server


If you're in charge of auditing SQL Server in your environment, want to get a good idea of what's going on from… Read more