Threat Profiling SQL Server
An interesting research paper by David Litchfield on how an attacker might go about attacking your server. Definitely worth a read.
2002-09-06
532 reads
Security
Security Update for SQL Server SP2
Microsoft has release a cumulative security update for SQL Server with SP2. Read , download and update your SQL Server!
2002-07-25
3,912 reads
SQLServerCentral.com Launches SQL Server Security Analzyer
SQLServerCentral.com launched its first online free software, which can evaluate your SQL Server remotely and look for SQL Server security vulnerabilities. This free service looks for weak or no passwords and does a basic penetration test online.
2002-06-13
55 reads
Auditing Your SQL Server Environment Part II Auditing Your SQL Server
In this article by Randy Dyess he shares with you the script on how he audits his environment and outputs reports of the permissions that users have.
2002-05-30
9,911 reads
SQLsnake Worm Hits SQL Servers and Networks Hard
If you haven't changed the SA password on your SQL Server, you may be soon paying the price. Beginning last week, an old worm has come back in full force, infecting about 100 SQL Servers an hour. Reports of heavy port 1433 scanning began in early may but by the 22nd, the virus really began to take its hold on systems with no SA password.
2002-05-28
4,813 reads
SQL Security Resource Center Opens
SQLServerCentral.com is proud to launch it's first Resource Center for security. It's a one-stop shop for anything related to SQL Server security. All content is user-contributed and contains links to content throughout the web.
2002-05-20
77 reads
SQL Server Security Resources
As I work with a particular topic or problem, I often research on the Internet different opinions, white papers, etc. Here is a list of resources that are located both on SQLServerCentral.com and other sites that I have found useful.
2002-04-08
5,536 reads
Auditing Your SQL Server Environment Part I
Ever been placed into a new environment and couldn't
find an ounce of documentation? This article is the first in a series that will help you make an audit of your new environment
and determine if any SQL Server login does not have a password, has a password the same as the login name or a password that is only one character long.
2002-04-02
10,441 reads
Dynamic SQL vs. Static SQL Part 1 - Security
Sooner or later everyone who works with SQL Server hears that it is better to avoid dynamic SQL at all cost. Dynamic SQL will force you to give out more permissions than static SQL. This article by Robert Marda shows you some of the security issues with dynamic SQL.
2002-02-27
12,961 reads
Worst Practices - Encrypting Data
Continuing with the Worst Practices Series: Steve Jones examines why encryption in the database is a bad idea.
2002-01-08
8,434 reads
Blogs
SQL, MDX, DAX – the languages of data
By DataOnWheels
Ramblings of a retired data architect Let me start by saying that I have...
Setting PK Names in Redgate Data Modeler
By Steve Jones
A customer was testing Redgate Data Modeler and complained that it auto-generated PK names....
Flyway Tips: AI Deployment Script Descriptions
By Steve Jones
With the AI push being everywhere, Redgate is no exception. We’ve been getting requests,...
Forums
Connecting Power BI to SSAS and effective user not working
Hi everyone, Below is a consolidated summary of what we validated Architecture & data...
High Availability setup - has anyone seen this method?
Hi all, I recently moved to a new employer who have their HA setup...
Semantic Search in SQL Server 2025
Comments posted to this topic are about the item Semantic Search in SQL Server...
Question of the Day
Encoding URLs
I have this data in a SQL Server 2025 table:
CREATE TABLE Response ( ResponseID INT NOT NULL CONSTRAINT ResponsePK PRIMARY KEY , ResponseVal VARBINARY(5000) ) GOIf I want to get a value from this table that I can add to a URL in a browser, which of these code items produces a result I can use? See possible answers