Why I Say Something about Running as Administrator
On a couple of recent webcasts, I pointed out the folks were running with the local Administrator account. To start...
2009-05-28
2,159 reads
Brian Kelley
- Interests: Chess, Reading, Soccer (Football), Baseball, Animals, Theology
Catalog view: sys.tcp_endpoints
I was playing around with the endpoint catalog views this afternoon just looking at ways to do poor man's configuration...
2009-05-27
2,825 reads
Speaking at Augusta Developer's Guild
Tomorrow night, May 28th, I'll be speaking the Augusta Developer's Guild. This is a make-up from earlier in the year...
2009-05-27
1,380 reads
SQL Injection - Why I Don't Think Parameterization is Enough
One of the main defenses touted against SQL injection attacks is to use proper parameterization at the application layer. But while this gets most of the cases, there are clearly examples where this alone fails. For instance, consider the stored procedure...
2009-05-20
3,948 reads
Sick? Stay home!
Yesterday I did something I wouldn't have thought of doing a year ago: I stayed home. When I woke up,...
2009-05-19
844 reads
SQL Injection - Why I Don't Think Parameterization is Enough
Note:Since there have been several comments on this, I'm using parameterization at the application layer in the security sense of...
2009-05-15
2,706 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said something to the effect of, "What do you expect? It's 30 year-old technology." I was stunned when the comment was relayed to me. My response...
2009-05-13
2,363 reads
Rant: Is It an Effective Control or Not?
This is spurred on by a comment a pen tester made. He was referring to a particular technology and said...
2009-05-05
1,248 reads
Security Basics: Defense-in-Depth
In my security presentations, another basic I talk about is defense-in-depth. The idea here is to produce multiple layers of protection against a particular attack. For instance, imagine malicious code against your home computer. This is a case where...
2009-05-05
1,971 reads
A Dead Zune and Choices
Shortly after the Zune debuted, I purchased one. And I've been happy with it. It's done everything I expected out...
2009-05-04
859 reads
Blogs
AI: Blog a Day – Day 3: LLM Models – Open Source vs Closed Source
By Vinay Thakur
Continuing from Day 2 , we learned introduction on Generative AI and Agentic AI,...
How to Parameterize Fabric Linked Services in Azure Data Factory for Azure Devops Deployment
Quite the title, so let me set the stage first. You have an Azure...
Deployment Pipelines in Fabric – What Are They?
By HeyMo0sh
In the realm of software development and content creation, the deployment pipeline serves as...
Forums
A Quick Restore
Comments posted to this topic are about the item A Quick Restore
Guarding Against SQL Injection at the Database Layer (SQL Server)
Comments posted to this topic are about the item Guarding Against SQL Injection at...
Ola Hallengren Index Optimize Maintenance can we have data compression = page
I have a quick question on Ola Hallengren Index Optimize Maintenance . Do we...
Question of the Day
A Quick Restore
While doing some testing of an application, I wanted to reset my environment after doing some testing with this code:
USE DNRTest BACKUP DATABASE DNRTest TO DISK = 'dnrtest.bak' GO /* Bunch of stuff tested here */RESTORE DATABASE DNRTest FROM DISK = 'dnrtest.bak' WITH REPLACEWhat happens if this runs, assuming the "bunch of stuff" isn't anything affecting the instance. See possible answers