Click here to monitor SSC
SQLServerCentral is supported by Red Gate Software Ltd.
 
Log in  ::  Register  ::  Not logged in
 
 
 

Content with tag Security Rss

   Items 1 to 20 of 869    Older >>
 

Hack Us

A challenge from United intrigues Steve Jones. How many other companies would make a challenge like this?  Read more...
By Steve Jones 2015/05/26 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 108 reads

Default Endpoint Encryption

By Steve Jones 2015/05/21 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 986 reads

PCI Best Practices Guide for SQL Server DBAs

Tibor Nagy has put together some best practices to help SQL Server DBAs navigate the many different requirements around PCI compliance.  Read more...
By Additional Articles 2015/05/21 | Source: MSSQLTips.com | Category: best practices
Rating: (not yet rated)  Rate this |   Briefcase | 4,694 reads

How to Get SQL Server Security Horribly Wrong

It is no good doing some or most of the aspects of SQL Server security right. You have to get them all right, because any effective penetration of your security is likely to spell disaster. If you fail in any of the ways that Robert Sheldon lists and describes, then you can't assume that your data is secure, and things are likely to go horribly wrong.  Read more...
By Additional Articles 2015/05/13 | Source: SimpleTalk | Category: security
Rating:  Rate this |   Briefcase | 6,266 reads

Passively detect attempts to guess passwords

Review the error log for possible brute force or dictionary attacks on your SQL Server instance.  Read more...
By Daniel Brink 2015/05/08 | Source: SQLServerCentral.com | Category: security
Rating: |  Discuss |   Briefcase | 2,317 reads

How to Recover a SQL Server Login Password

I will describe a simple method anyone can use to obtain lost password information for a SQL Server login.  Read more...
By Geoff Albin 2015/04/24 (first published: 2013/03/04) | Source: SQLServerCentral.com | Category: password cracking
Rating: |  Discuss |   Briefcase | 29,854 reads

The Opportunistic Hacker

Sometimes the crimes of opportunity might be the worst ones for our data.  Read more...
By Steve Jones 2015/04/14 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 192 reads

Stairway to SQL Server Security Level 7: Security Across Databases with Cross-Database Ownership Chaining

Sometimes you need to reach outside a database and access data and objects from multiple databases, which raises some security issues and increases the complexity of data access. In this stairway level, you’ll learn about cross-database ownership chaining so that you can reach across database boundaries securely.  Read more...
By Don Kiely 2015/04/08 | Source: SQLServerCentral.com | Category: stairway series
Rating: |  Discuss |   Briefcase | 2,142 reads

Source Code Security

The code you use may contain security information. Be extra careful in this case, especially when you use encryption.  Read more...
By Steve Jones 2015/03/31 | Source: SQLServerCentral.com | Category: editorial
Rating: (not yet rated) |  Discuss |   Briefcase | 104 reads

Secure Checks

By Steve Jones 2015/03/25 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,655 reads

Backing up from SETUSER

By Steve Jones 2015/03/19 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,897 reads

Move DB roles

This script will script the role members for all roles on the database.  Read more...
By Shanjan Sapra 2015/03/10 | Source: SQLServerCentral.com | Category: restore
Rating: |  Discuss |   Briefcase | 1,069 reads

Creating schemas

By Steve Jones 2015/03/03 | Category: administration
Rating: (not yet rated) |  Discuss |   Briefcase | 1,650 reads

Signing options

By Steve Jones 2015/02/20 | Category: t-sql
Rating: (not yet rated) |  Discuss |   Briefcase | 1,625 reads

Not Again!

By Steve Knox 2015/02/18 | Category: aggregates
Rating: (not yet rated) |  Discuss |   Briefcase | 2,299 reads

SQL Injection, Still?

We still have problems with SQL Injection. Steve Jones has a few thoughts on why.  Read more...
By Steve Jones 2015/02/17 | Source: SQLServerCentral.com | Category: editorial
Rating: |  Discuss |   Briefcase | 241 reads

Master Key creation

By Steve Jones 2015/02/10 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,371 reads

Signing Procedures

By Steve Jones 2015/02/09 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,539 reads

Login options

By Steve Jones 2015/02/05 | Category: security
Rating: (not yet rated) |  Discuss |   Briefcase | 1,816 reads

Stairway to SQL Server Security Level 6: Execution Context and Code Signing

A fundamental way that SQL Server determines whether a principal has the permissions necessary to execute code is with its execution context rules. It’s all complicated by the possibility that a principal has permission to execute code but doesn’t have permission on the underlying objects accessed by the code, such as the data in a table. This stairway level will explore SQL Server’s execution context, ownership chains, and impersonation, as well as show you how you can control access to data via T-SQL code.  Read more...
By Don Kiely 2015/02/04 | Source: SQLServerCentral.com | Category: stairway series
Rating: |  Discuss |   Briefcase | 2,330 reads
   Items 1 to 20 of 869    Older >>
 
Tags
editorial (126)    
sql server 7 (105)    
administration (69)    
sql server 2005 (56)    
blogs (53)    
strategies (40)    
encryption (39)    
t-sql (33)    
editorial - ipod (25)    
editorial - wmv (25)    
editorial - mp3 (24)    
auditing (22)    
permissions (22)    
miscellaneous (15)    
sql server 2008 (14)    
logins (13)    
passwords (13)    
backup / restore (12)    
programming (11)    
sql server 6.5 (11)    
transparent data encryption (tde) (11)    
roles (10)    
sql injection (10)    
configuring (9)    
reporting services (ssrs) (9)    
database design (8)    
role (8)    
software development (8)    
stored procedures (8)    
best and worst practices (7)    
friday poll (7)    
grant (7)    
integration services (ssis) (7)    
sql agent (7)    
user (7)    
database roles (6)    
database security (6)    
database weekly (6)    
sql server (6)    
sql server 2008 r2 (6)    
advanced querying (5)    
analysis services (ssas) (5)    
career (5)    
disaster recovery (dr) (5)    
hackers (5)    
login (5)    
news (5)    
schemas (5)    
secure programming (5)    
stairway series (5)    
triggers (5)    
worst practices (5)    
authentication (4)    
biometrics (4)    
data retention (4)    
installation (4)    
legal issues (4)    
performance tuning (4)    
server roles (4)    
sql server 2000 (4)    
users (4)    
active directory (3)    
best practices (3)    
ddl triggers (3)    
dts (3)    
execute as (3)    
impersonation (3)    
kerberos (3)    
monitoring (3)    
other (3)    
principals (3)    
professional development (3)    
replication (3)    
service accounts (3)    
service broker (3)    
sql server 2012 (3)    
sql server express (3)    
sql university (3)    
surface area configuration tool (3)    
training (3)    
windows security (3)    
advanced (2)    
central management server (cms) (2)    
certificates (2)    
cloud computing (2)    
comparison (2)    
compliance (2)    
dac (2)    
database principals (2)    
databases (2)    
development (2)    
firewall (2)    
guest user (2)    
indexing (2)    
jobs (2)    
logon triggers (2)    
members (2)    
ownership (2)    
ownership chaining (2)    
patches (2)    
permission (2)    
policy based management (pbm) (2)    
powershell (2)    
privilege escalation (2)    
product reviews (2)    
profiler (2)    
rants (2)    
reviews (2)    
scripting (2)    
secure (2)    
service packs (2)    
setuser (2)    
sid (2)    
spn (2)    
sql server architecture (2)    
sql-dmo (2)    
tcp/ip (2)    
tools (2)    
user defined function (udf) (2)    
xml (2)    
xsl (2)    
.net (1)    
access restriction (1)    
administrator (1)    
ado (1)    
aggregates (1)    
alerts (1)    
alias (1)    
analysis services (1)    
architecture (1)    
asymmetric keys (1)    
automation (1)    
azure (1)    
backup / recovery (1)    
bcp (bulk copy program) (1)    
broker security (1)    
browser service (1)    
bugs (1)    
c# (1)    
change db owner (1)    
cissp (1)    
cloud (1)    
code signing (1)    
conferences/user groups (1)    
configuration (1)    
connect any database (1)    
continuous integration (1)    
control server (1)    
create database (1)    
credentials (1)    
credit card numbers (1)    
cross-database ownership chaining (1)    
cryptography (1)    
data driven (1)    
data mining (1)    
data security (1)    
database mail (1)    
database master key (dmk) (1)    
database object permissions (1)    
database owner (1)    
database ownership (1)    
database permissions (1)    
database users (1)    
ddl (1)    
deny (1)    
dimensions (1)    
distributed queries (1)    
dmv's (1)    
dynamic sql (1)    
endpoints (1)    
english query (1)    
eventdata (1)    
events (1)    
execution context (1)    
extended stored procedures (1)    
filestream (1)    
fixed server roles (1)    
general administration (1)    
grantee (1)    
grantor (1)    
hashbytes (1)    
hexadecimal (1)    
job (1)    
linked server (1)    
list (1)    
logon trigger (1)    
maintenance (1)    
management studio (ssms) (1)    
microsoft sql server (1)    
msdb (1)    
networking (1)    
openxml (1)    
orphaned (1)    
orphaned user (1)    
orphaned users (1)    
parameter (1)    
pass (1)    
password (1)    
password cracking (1)    
patching (1)    
presenting (1)    
privacy (1)    
professional organization for sql server (1)    
proxy accounts (1)    
public (1)    
rename (1)    
report server (1)    
responsibilities (1)    
restore (1)    
revert (1)    
sa (1)    
sanpshot (1)    
script (1)    
securables (1)    
security awareness (1)    
securityadmin (1)    
server principals (1)    
server_principals (1)    
sharepoint (1)    
sid mismatch check (1)    
sp_cycle_errorlog (1)    
sp_msforeachdb (1)    
sql jobs (1)    
sql puzzles (1)    
sql server 2014 (1)    
sql server permissions (1)    
sql spackle (1)    
sqlservercentral (1)    
ssl (1)    
sspi (1)    
stored procedure (1)    
survey (1)    
sysadmin (1)    
system databases (1)    
system development life cycle (1)    
tabular model (1)    
today (1)    
trust (1)    
trustworthy (1)    
type (1)    
updategrams (1)    
upgrading (1)    
virtualization (1)    
visual basic 6 (1)    
vulnerability (1)    
windows (1)    
xp_logininfo (1)