Melton (10/2/2009)

---

Active Directory itself includes a attribute that can be queried that has the last logon timestamp.

Now this timestamp does not mean that SQL Server was the last thing they...

SQL Serer does not keep track of when a login last connected. You'd have to come up with a different way to track that (logon trigger, trace, etc.). As far...

SequelDBA (10/1/2009)

---

If a program requires a login with the SYSADMIN role and rights to Master, will a login with the SYSADMIN role have rights to MASTER by default or does...

pclemares (7/3/2009)

---

Hello

I have a Sql 2000 and I'd like to migrate to sql 2005. The problem I have it's that on the Sql 2000 I have the password of SA...

If you have the option, pull the web server off the wire and begin a proper forensics investigation ASAP. If it's coming from a web server using a known login...

You can add Application Name and Hostname to the columns you're reporting on. Unless those have been hacked (and they can be), that should tell where, what app, and the...

Elliott W (9/28/2009)

---

Also, you might be able to "hack" sp_password to store the passed in parameters in a table. I have to say I would do this LAST or...

You might be able to tell if the information is still in the default trace. If you've got SSMS and you've got it patched to at least SP2 (where Reports...

Hanging the SQL Server in the DMZ brings up other issues, like how to get backup files off, how to patch, etc. so I'd stick with the SQL Server on...

Your risk team is approaching such access incorrectly based on a full understanding of Windows authentication and Active Directory. Here's the best way to approach it:

- All access within SQL...

Elliott W (9/22/2009)

---

I see your points, but I would say that there are circumstances that negate or mitigate each of your points and whether this particular problem that the poster...

John,

get Kevvie Fowler's book. It will tell you everything you need to know and he handles chain of custody, etc., in his treatment of what to do.

SQL Server Forensics...

Because you're consuming memory and resources intended for the SQL Server process, 1, and 2, it means your SQL Server service account doesn't have to have special privileges within the...

Use scripts or custom applications to do this, don't originate it from SQL Server (speaking as both a SQL Server DBA and a former directory services administrator). If you're using...

tafountain (9/21/2009)

---

Brian,

Thanks for the response. I actually have a couple of scenarios to address:

- company employees using company owned laptops that connect via a normal VPN

- offshore development teams...