Why I Say Something about Running as Administrator
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,150 reads
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,150 reads
I was playing around with the endpoint catalog views this afternoon just looking at ways to do poor man's configuration...
2009-05-27
2,816 reads
Tomorrow night, May 28th, I'll be speaking the Augusta Developer's Guild. This is a make-up from earlier in the year...
2009-05-27
1,378 reads
One of the main defenses touted against SQL injection attacks is to use proper parameterization at the application layer. But while this gets most of the cases, there are clearly examples where this alone fails. For instance, consider the stored procedure...
2009-05-20
3,948 reads
Yesterday I did something I wouldn't have thought of doing a year ago: I stayed home. When I woke up,...
2009-05-19
843 reads
Note:Since there have been several comments on this, I'm using parameterization at the application layer in the security sense of...
2009-05-15
2,703 reads
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said something to the effect of, "What do you expect? It's 30 year-old technology." I was stunned when the comment was relayed to me. My response...
2009-05-13
2,363 reads
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said...
2009-05-05
1,246 reads
In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where...
2009-05-05
1,971 reads
Shortly after the Zune debuted, I purchased one. And I've been happy with it. It's done everything I expected out...
2009-05-04
851 reads
By Steve Jones
ecstatic shock – n. a surge of energy upon catching a glimpse from someone...
By Chris Yates
The New Arena of Leadership The role of the Chief Data Officer is no...
Presenting you with an updated version of our sp_snapshot procedure, allowing you to easily...
Comments posted to this topic are about the item Lessons from the Postmark-MCP Backdoor
Just saw the "Azure Extension for SQL Server" Does anyone has experience with it?...
I've noticed several instances of what looks like a recursive insert with the format:...
I have a table with this data:
TravelLogID CityID StartDate EndDate 1 1 2025-01-01 2025-01-06 2 2 2025-01-01 2025-01-06 3 3 2025-01-01 2025-01-06 4 4 2025-01-01 2025-01-06 5 5 2025-01-01 2025-01-06I run this code:
SELECT IDENT_CURRENT('TravelLog')I get the value 5 back. Now I do this:
SET IDENTITY_INSERT dbo.TravelLog ON INSERT dbo.TravelLog ( TravelLogID, CityID, StartDate, EndDate ) VALUES (25, 5, '2025-09-12', '2025-09-17') SET IDENTITY_INSERT dbo.TravelLog OFFI now run this code.
DBCC CHECKIDENT(TravelLog) GO INSERT dbo.TravelLog ( CityID, StartDate, EndDate ) VALUES (4, '2025-10-14', '2025-10-17') GOWhat is the value for TravelLogID for the row I inserted for CityID 4 and dates starting on 14 Oct 2025? See possible answers