Auditing Your SQL Server Environment Part II Auditing Your SQL Server
In this article by Randy Dyess he shares with you the script on how he audits his environment and outputs reports of the permissions that users have.
2002-05-30
9,900 reads
Security
SQLsnake Worm Hits SQL Servers and Networks Hard
If you haven't changed the SA password on your SQL Server, you may be soon paying the price. Beginning last week, an old worm has come back in full force, infecting about 100 SQL Servers an hour. Reports of heavy port 1433 scanning began in early may but by the 22nd, the virus really began to take its hold on systems with no SA password.
2002-05-28
4,810 reads
SQL Security Resource Center Opens
SQLServerCentral.com is proud to launch it's first Resource Center for security. It's a one-stop shop for anything related to SQL Server security. All content is user-contributed and contains links to content throughout the web.
2002-05-20
74 reads
SQL Server Security Resources
As I work with a particular topic or problem, I often research on the Internet different opinions, white papers, etc. Here is a list of resources that are located both on SQLServerCentral.com and other sites that I have found useful.
2002-04-08
5,534 reads
Auditing Your SQL Server Environment Part I
Ever been placed into a new environment and couldn't
find an ounce of documentation? This article is the first in a series that will help you make an audit of your new environment
and determine if any SQL Server login does not have a password, has a password the same as the login name or a password that is only one character long.
2002-04-02
10,436 reads
Dynamic SQL vs. Static SQL Part 1 - Security
Sooner or later everyone who works with SQL Server hears that it is better to avoid dynamic SQL at all cost. Dynamic SQL will force you to give out more permissions than static SQL. This article by Robert Marda shows you some of the security issues with dynamic SQL.
2002-02-27
12,942 reads
Worst Practices - Encrypting Data
Continuing with the Worst Practices Series: Steve Jones examines why encryption in the database is a bad idea.
2002-01-08
8,431 reads
Enforcing Security in Multi-Tier Applications
The major part of the article, however, is dedicated to a topic that often confuses people and leads to some of the strongest disagreements among IT professionals and developers: the benefits and drawbacks of enforcing security in the middle (or business) tier versus the data tier.
2001-12-25
1,855 reads
Security Alert : SQL Server Security Bug and Patch
Happy Holidays database administrators! As a parting present before you go home for your year-end break, Microsoft has announced a security problem in SQL Server 7.0 and 2000.
2001-12-24
6,566 reads
Microsoft SQL Server 2000 Security
This document introduces the new security features of Microsoft SQL Server 2000. New features are outlined, and a detailed discussion is provided about how to best implement security in a Microsoft Windows 2000 domain environment. Source code examples are included for developers who want to implement the security model immediately.
2001-12-06
1,547 reads
Blogs
The Book of Redgate: We Value Teams
By Steve Jones
This value is something that I still hear today: our best work is done...
Troubleshooting TempDB Log Full Errors When SSMS Won’t Connect
By gbargsley
Have you ever received the dreaded error from SQL Server that the TempDB log...
Accelerating AI with Confidence: Why Microsoft Purview is Key to Responsible Innovation
By Chris Yates
Artificial intelligence is no longer a distant concept. It is here, embedded in the...
Forums
Planning for tomorrow, today - database migrations
Comments posted to this topic are about the item Planning for tomorrow, today -...
Bottlenecks on SQL Server performance
We have a BI-application that connects to input tables on a SQL Server 2022...
Is there some good routines for updating SQL Server database objects with GitHub
At work we've been getting better at writing what's known as GitHub Actions (workflows,...
Question of the Day
The Tightly Linked View
I try to run this code on SQL Server 2022. All the objects exist in the database.
CREATE OR ALTER VIEW OrderShipping
AS
SELECT cl.CityNameID,
cl.CityName,
o.OrderID,
o.Customer,
o.OrderDate,
o.CustomerID,
o.cityId
FROM dbo.CityList AS cl
INNER JOIN dbo.[Order] AS o ON o.cityId = cl.CityNameID
GO
CREATE OR ALTER FUNCTION GetShipCityForOrder
(
@OrderID INT
)
RETURNS VARCHAR(50)
WITH SCHEMABINDING
AS
BEGIN
DECLARE @city VARCHAR(50);
SELECT @city = os.CityName
FROM dbo.OrderShipping AS os
WHERE os.OrderID = @OrderID;
RETURN @city;
END;
go
What is the result? See possible answers