Focuses on advanced techniques that can be used in an attack on an application utilizing Microsoft SQL Server as a backend. These techniques demonstrate how an attacker could use a SQL Injection vulnerability to retrieve the database content from behind a firewall and penetrate the internal network. Also provided are recommendations on how to prevent such attacks.
2005-01-05
2,626 reads
2005-01-03
299 reads
2004-12-21
1,638 reads
The key to effective security is embracing it as an ongoing process rather than a one time event. This document examines how database security can be enhanced with a proactive security lifecycle approach.
2004-12-13
1,564 reads
If you are running Microsoft SQL Server databases to support critical enterprise applications, you are part of a growing trend. The cost/performance benefits of Microsoft SQL Server on the Microsoft Windows NT and Windows 2000 platforms have fueled the growth of SQL Server as a platform for enterprise-class applications.
2004-12-03
1,871 reads
Creating an enterprise security plan is a complex endeavour. It involves evaluating multiple threats that gain access through many network paths to a hodgepodge of different applications and systems. With the focus on systems and paths, databases are frequently overlooked. Securing the database should be a fundamental tenet for any security practitioner when developing his or her security plan. The database is the source of data, the "crown jewels" in the information economy. Any security effort must start with this in mind and end with the strongest level of controls applied at the database layer.
2004-11-26
2,129 reads
Typically, access to data is provided via client applications, which increases the range of potential vulnerabilities and places an equal share of responsibility for data security on software developers. This is especially important since application flaws can have just as catastrophic implications as a misconfigured or unsecured SQL Server installation.
2004-10-19
2,337 reads
Have you ever wondered how many SQL Servers are on your network? Need their versions for patches, reporting, etc? Read about this technique for easily scanning for all the servers that are installed.
2004-09-21
1,691 reads
A basic look at various ways in which you can perform some server auditing with SQL Server 2000.
2004-09-13
1,252 reads
A new article from MSDN magazine on stopping SQL Injection attacks by examining how the SQL can be exploited. It's a good basic article for developers as well as DBAs who might have to review code.
2004-08-20
2,865 reads
By John
One of the more frustrating aspects about creating an Azure virtual machine is that...
By Steve Jones
Redgate Monitor has been able to monitor replication for a long term, but it...
By Steve Jones
Superheroes and saints never make art. Only imperfect beings can make art because art...
Comments posted to this topic are about the item Think LSNs Are Unique? Think...
Comments posted to this topic are about the item The AI Bubble and the...
In SQL Server 2025, how many columns can be included in a Primary Key constraint?
See possible answers