Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: November 2012

Are Your Protecting Your DB Backups?

Folks have cited the recent InformationWeek article on how South Carolina's Department of Revenue was hacked because the SC state government basically said, "It's the IRS' fault for not telling us we should encrypt social security numbers." I'm not going to touch that. It stands on its own for its foolishness.… Read more

1 comments, 1,702 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 27 November 2012

Server Level Security

 We'll discuss surface area later in the week. Today let's talk about if you're able to connect to SQL Server. Connecting to SQL Server and actually logging in are two different things. I can run a scanner and detect SQL Server is present and then launch a telnet session. That… Read more

0 comments, 1,923 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 6 November 2012

SQL Server Security: The Sum of Its Parts

When it comes to attacking SQL Server, whether we're talking about the security of an installation or as a piece towards a larger solution, I first stop and realize that SQL Server is the sum of its parts. For instance, take SQL Server installed on a VM. Areas that concern… Read more

0 comments, 1,052 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 5 November 2012