Subscribe to this blog
K. Brian Kelley - Databases, Infrastructure, and Security
Archives: February 2012
Presenting Two Sessions at SQLRally
I just received great news that one of my sessions, Attacking SQL Server, was picked by the community for SQLRally. That means I'll have two presentations to give in Dallas!
Attacking SQL Server
Database Administration Track
It is a well-known maxim in warfare to know your enemy. In this… Read more
0 comments, 322 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 27 February 2012
New Article: Exploiting SQL Server via CONTROL SERVER permissions
I have a new article up at MSSQLTips.com, covering what someone can do with CONTROL SERVER. Most folks know to look for changes in the sysadmin role, and knowing this, if I want to cover my tracks I don't want to give a login that membership. However, a lot of… Read more
1 comments, 708 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 27 February 2012
A Plea: Have your guidance documentation reviewed
Today one of my auditors sent me her matrix for auditing Microsoft SQL Server. I had seen part of it and some questions about some of the technical details I saw. In the email thread I discovered that some of it was taken from a guidance document from our professional… Read more
0 comments, 620 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 23 February 2012
Two Sessions Up for Vote at SQLRally!
I received great news last week that one of my sessions, Windows Operating System Internals for DB Pros, was accepted, meaning I will be making the trip to Dallas!
However, I also have two other sessions up for the community to vote on. They are:
Attacking SQL Server
Database… Read more
0 comments, 284 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 21 February 2012
USB/Flash Drive Security
Gone are the days when remote drives were easy to detect because there was some size to them. Nowadays USB drives come in all form factors. And a lot are now built to not look like drives at all. For instance, here is one my wife picked up for less than $20… Read more
1 comments, 1,557 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 13 February 2012
See You at SQL Saturday!
I've been asked this question a few times, and Columbia, SC isn't hosting a SQL Saturday this year. Bobby Dimmick (blog | twitter) and I are looking to do something related to IT architecture because we see a gap there. We've had some real interest on this front,… Read more
0 comments, 430 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 13 February 2012
Slides and Scripts from Idera February webcast
For those who've asked, here are the slides and scripts from my SQL Server auditing webinar with Idera:
If you weren't able to attend the original webinar, it is archived here.
0 comments, 444 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 10 February 2012
Webcast: Successfully Meeting Your Audits for SQL Server
Tomorrow at 3 PM Eastern I'll be giving a webcast in conjection with Idera and MSSQLTips.com:
Registration for Successfully Meeting Your Audits for SQL Server
If you're in charge of auditing SQL Server in your environment, want to get a good idea of what's going on from… Read more
2 comments, 419 reads
Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 7 February 2012