Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

K. Brian Kelley - Databases, Infrastructure, and Security

IT Security, MySQL, Perl, SQL Server, and Windows technologies.

Archives: September 2013

Speaking Twice on Oct 1, 2013

Carolina Technology Conference:

To start things off, I'll be speaking in the morning at the Carolina Technology Conference. I have a 40 minute slot from 10:05 - 10:45 AM Eastern. I'm shooting for a 30-35 minute presentation with 5-10 minutes of questions. Here's the information on the talk:

  Read more

0 comments, 685 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 30 September 2013

PASS BoD: I'm voting for Allen Kinsel

There are some very good names up for this year's PASS Board of Directors. However, I wanted to write a post about one guy in particular: Allen Kinsel. Why Allen?

 

Allen is "Good People:"

That's a saying we have in the South when we describe someone we respect and… Read more

2 comments, 698 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 23 September 2013

Installing SQL Server 2008 on a machine with .NET Framework 4.0? Read this.

The SQL Server Premier Field Engineer blog has a post about an issue with installing SQL Server 2008 on a system where the .NET Framework 4.0 is already installed:

 

SecurityException / 'The process was terminated' errors installing SQL 2008 when .Net Framework 4.0 is installed

 

The first workaround… Read more

0 comments, 625 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 23 September 2013

Don't Rush When It Comes to Privacy Data

The Dataloss list sent the following article through yesterday afternoon:

 

Obamacare Employee Accidentally Sends Out 2,400 Social Security Numbers

 

This is concerning, but I hate to say it, not unexpected. We know that the weakest link in security is always people. Likely a worker was trying to be… Read more

1 comments, 668 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 17 September 2013

Why Government Required Backdoors Are a Bad Idea

I've heard the argument, "I've got nothing to hide. If it helps them catch the next guy, I'm all for it." Even if that's 100% true and even if every single person in goverment with access to the data is 100% genuine and sincere in doing his or her job,… Read more

7 comments, 2,077 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 11 September 2013

Database DoS Whitepaper from Securosis

Securosis has released a whitepaper on their research with regards to database denial-of-service attacks. This whitepaper is platform agnostic. It does mention specific vulnerabilities that have been exposed and attacked with respect to database platform, but only to the extent that they show it's a universal problem.

One of the… Read more

0 comments, 590 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 11 September 2013

Sometimes I don't understand Microsoft's vulnerability classifications

Here's a great example:

 

  MS13-079 - Vulnerability in Active Directory Could Allow Denial of Service (2853587)

 

Basically, this patches a vulnerability where an attacker can send a specially crafted LDAP query to an Active Directory domain controller and cause the LDAP service to fail. Here's the attack scenario I see: Read more

0 comments, 521 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 10 September 2013

Good Advice on "Certification"

Buck Woody (blog | twitter) is often seen as one of the wise men of the SQL Server community and with good reason: he often brings a perspective filled with great wisdom. Take for instance, his post to the MCM news:

 

Create your own MCM program… Read more

1 comments, 1,943 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 10 September 2013

Is Microsoft's Certification Program Value Microsoft's Fault?

I'd be interested if anyone says, "No," to that question. Gail Shaw raised a few points in this post about trust and value in Microsoft's certification brand. Having been on the hiring side in recent years, I'd have to agree with the general sentiment that a Microsoft certification does… Read more

5 comments, 1,167 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 4 September 2013

Good Intro Podcast on Hadoop

Have you heard about Hadoop but don't know much about it? What about "big data?" Would you like an intro at the 20,000 foot level that won't take more than an hour of your time?

 

Jeremiah Peschka (blog | twitter) was recently on .NET Rocks, a… Read more

0 comments, 1,401 reads

Posted in K. Brian Kelley - Databases, Infrastructure, and Security on 3 September 2013