Why I Say Something about Running as Administrator
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,150 reads
Brian Kelley
- Interests: Chess, Reading, Soccer (Football), Baseball, Animals, Theology
Catalog view: sys.tcp_endpoints
I was playing around with the endpoint catalog views this afternoon just looking at ways to do poor man's configuration...
2009-05-27
2,816 reads
Speaking at Augusta Developer's Guild
Tomorrow night, May 28th, I'll be speaking the Augusta Developer's Guild. This is a make-up from earlier in the year...
2009-05-27
1,378 reads
SQL Injection - Why I Don't Think Parameterization is Enough
One of the main defenses touted against SQL injection attacks is to use proper parameterization at the application layer. But while this gets most of the cases, there are clearly examples where this alone fails. For instance, consider the stored procedure...
2009-05-20
3,948 reads
Sick? Stay home!
Yesterday I did something I wouldn't have thought of doing a year ago: I stayed home. When I woke up,...
2009-05-19
843 reads
SQL Injection - Why I Don't Think Parameterization is Enough
Note:Since there have been several comments on this, I'm using parameterization at the application layer in the security sense of...
2009-05-15
2,703 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said something to the effect of, "What do you expect? It's 30 year-old technology." I was stunned when the comment was relayed to me. My response...
2009-05-13
2,363 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said...
2009-05-05
1,246 reads
Security Basics: Defense-in-Depth
In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where...
2009-05-05
1,971 reads
A Dead Zune and Choices
Shortly after the Zune debuted, I purchased one. And I've been happy with it. It's done everything I expected out...
2009-05-04
851 reads
Blogs
A New Word: Ecstatic Shock
By Steve Jones
ecstatic shock – n. a surge of energy upon catching a glimpse from someone...
The CDO’s Playbook for AI Driven Decision Making
By Chris Yates
The New Arena of Leadership The role of the Chief Data Officer is no...
sp_snapshot – The easy way to take database snapshots of one or more databases – V3.0
Presenting you with an updated version of our sp_snapshot procedure, allowing you to easily...
Forums
Lessons from the Postmark-MCP Backdoor
Comments posted to this topic are about the item Lessons from the Postmark-MCP Backdoor
Arc Enabled SQL Server
Just saw the "Azure Extension for SQL Server" Does anyone has experience with it?...
Recursive Select - What is this really doing
I've noticed several instances of what looks like a recursive insert with the format:...
Question of the Day
The Maximum Value in the Identity Column
I have a table with this data:
TravelLogID CityID StartDate EndDate 1 1 2025-01-01 2025-01-06 2 2 2025-01-01 2025-01-06 3 3 2025-01-01 2025-01-06 4 4 2025-01-01 2025-01-06 5 5 2025-01-01 2025-01-06I run this code:
SELECT IDENT_CURRENT('TravelLog')
I get the value 5 back. Now I do this:
SET IDENTITY_INSERT dbo.TravelLog ON
INSERT dbo.TravelLog
(
TravelLogID,
CityID,
StartDate,
EndDate
)
VALUES
(25, 5, '2025-09-12', '2025-09-17')
SET IDENTITY_INSERT dbo.TravelLog OFF
I now run this code.
DBCC CHECKIDENT(TravelLog)
GO
INSERT dbo.TravelLog
(
CityID,
StartDate,
EndDate
)
VALUES
(4, '2025-10-14', '2025-10-17')
GO
What is the value for TravelLogID for the row I inserted for CityID 4 and dates starting on 14 Oct 2025?
See possible answers