SQL Server with Mr. Denny

October 19, 2016  8:10 PM

Obscurity is not Security

Denny Cherry Denny Cherry Profile: Denny Cherry
SQL Server

AndyWe’ve all heard the argument that using a different TCP port number for SQL, other than 1433, is more secure.  Here’s the truth, it isn’t.  Andy said it best here in a conversation on Twitter that happened in the #sqlhelp hash tag.  If you think that hiding your SQL Servers on a different TCP port number is going to make them harder to break into you are sadly mistaken.

The two most common ways of a data breach are employees and SQL Injection.  Employees already know what port the SQL Server is listening on, as they know how to connect to it already.  If not, they can easily download a port scanner and scan the SQL Server for open ports.  The ones that are open they’ll connect to.  If it’s a decent port scanner it’ll tell them which port is SQL and what all the other open ports are so they’ll know which one to connect to. You’ve slowed the attacker down by about 5-10 seconds, maybe.

If the attacker is using SQL injection then they don’t care what port the SQL Server is running on. They are connecting to the web/app tier and just using whatever SQL Server connection information that the application has to get access to your database.  By changing the TCP port number you haven’t slowed them down at all.

Proper security requires understand user/business requirements and building a solution which will meet those requirements while building proper secure protections into the system so that if something does go wrong the exposure is limited.

Pretending that hiding the servers and making them harder to find is making them more secure isn’t.  Spend time doing things which will make the environment actually secure so that when the system is breached the data isn’t all lost.  And if possible do this without making the environment harder to manage, which is all that you are doing by changing the TCP port numbers.


October 12, 2016  4:00 PM

Why do I fly all over the world giving presentations?

Denny Cherry Denny Cherry Profile: Denny Cherry

I travel, a lot. A lot of my travel is to go speak at events somewhere in the world. I’ve had the privilege of being able to travel to 4 continents and 12 countries (that I can think of) giving presentations on Microsoft SQL Server and Microsoft Azure.

Why do I do it? To give back. I learned a lot of what I learned from speakers at conferences as small as a SQL Saturday, code camp, user group, etc. and as large as Microsoft TechEd, Microsoft Ignite, EMC World, VMworld, etc. As I learned a lot from these events, I think that it’s only fair that I continue to go to these events and pass what I’ve learned on to the next group of3515760197_922a0982f8_b people looking to learn about IT.

With the IT field changing annually, if not more often than that we have to keep learning because if we don’t then we become stagnant in our carriers and we become less valuable to our employers, clients, etc.

The other advantage that I have when I go to these events is that I get to meet new people and see new places. As I’ve traveled to all these various conferences and classes I’ve met some amazing people that without speaking at these events I never would have had the opportunity to meet.

Back in high school, and even when I started working I was a massive introvert. Way, way more than you could have even imagined. Just the idea of talking to people was just something that wasn’t going to happen, much less actually talking to people that I hadn’t known my entire life. But now I’m so privileged to be able to visit places that I never thought that I’d ever get to visit and meet people that have the same career as me, but have had totally different lives than I’ve had. To get to visit with them even if just for a day or a weekend while at the conference is such a privilege that I’m happy that I have the chance to fly around and meet all these amazing people.

I think my favorite story to date of meeting people in random locations happened this last June (in 2016) when Karen Lopez (@datachick) and I were in Bangalore India teaching a class. She was there for one class and I was there for two classes with a week in between. Karen was kind enough to stay in India for a few days extra to keep me company and to enjoy the awesomeness of the hotel and city with me. On Tuesday we decided that we’d do a little sightseeing and go visit a couple of science museums. At the Science and Technology museum in Bangalore, India we had two different groups of people ask to take pictures with us. We were so shocked that we of course said yes.

When we were talking about it later we were really hoping that they worked in the IT field and knew who one or both of us were, and that they didn’t think we were someone actually famous. I know that I’m really hoping that the photos get uploaded to Facebook and Facebook’s facial recognition tags us (or that they tag us) so that Karen and I can see the pictures and see how they know us.

Anyway, enough of my rambling blog post. The plane is landing soon, on my last leg of my longest trip to date, exactly one month long (I left home on June 2nd and I’m arriving home July 1st).

Hopefully I’ll see you at a class, or conference somewhere in the world. Or maybe at an online event (but those aren’t anywhere near as much fun as it’s a little hard to chat with people over a webinar).


October 3, 2016  4:00 PM

Just because you are in the cloud, doesn’t mean you can skip those DR plans

Denny Cherry Denny Cherry Profile: Denny Cherry

You moved your critical infrastructure to the cloud.  You’re now relying on the cloud for 100% of your customer facing systems.  Did the sales person from your cloud provider tell you that you didn’t need DR any more because you are relying on their rock solid infrastructure?  Did you believe them?

I hope you didn’t believe them, because they were wrong.

Now, you’re probably thinking that this isn’t the first time that I’ve talked about this, and you’d be rightVery right. There was even a webinar.  And yet people still think that they don’t need a DR plan when running services in the cloud.  When I loggedAsia into the Azure portal over the weekend I was greeted with this unhappy looking map.  This outage in Azure isn’t just a small little outage. There’s an entire storage cluster offline this weekend.  This means that there’s some decent chunks of the East Asia region offline at the moment.  This is the exact reason why you need to have a DR plan available and executable, even when working in the cloud.

The cloud isn’t some magical platform for running services in thin air.  It’s servers, in racks, in data centers, owned by someone else.  If you aren’t prepared when those servers fail, and they will fail, then you are going to be in a world of hurt when they do fail.

I wish I could say that the cloud will just take car of this automatically, but it won’t, probably even.  So as the technology people who are building solutions in the cloud, we need to be able to handle these sorts of failures, just like we would have on-premises by having our systems designed and build with DR in mind. We need to have DR plans at the ready so that we can survive these sorts of failures.

Now this isn’t the only outage that Azure has had this year.  But they also aren’t the only cloud provider to have an outage this year.  According to the latest numbers (January through August) which I’ve seen Azure has been available 99.9982% of the time while Amazon AWS has been available 99.9975%.  Now these aren’t self reported numbers, these are the numbers from Gartner’s Cloud Harmony report.

Every cloud provider has outages. How we plan for them and execute them decides how well we handle the outages that come up.


September 30, 2016  6:08 PM

Recommended reading from mrdenny for September 30, 2016

Denny Cherry Denny Cherry Profile: Denny Cherry
Apache Spark, Azure, Internet of Things, SQL Server, VMware

This week I’ve found some great things for you to read. These are a few of my favorites that I’ve found this week.

Hopefully you find these articles as useful as I did. Don’t forget to follow me on Twitter where my username is @mrdenny.


September 26, 2016  5:18 PM

Your PASS Summit Speaker Idol Judges

Denny Cherry Denny Cherry Profile: Denny Cherry
SQL Server

Last week I announced the PASS Summit 2016 Speaker Idol contestants.  This week it’s time to announce the judges.  We’ve seen most of the judges at speaker idol before, so we know how great a job they’ll do.  Last year we had 5 jPASS 2015_SpeakerIdol_Banners_338x116_1udges each day and six at the finals and things were a little to cramped at the judges table.  So this year we’ve reduced the number of judges by one.  For each of the opening rounds we’ll have four judges, then at the finals we’ll have five judges.

Our judges this year for Speaker Idol will be:

Joey D’Antoni
Allan Hirt
Karen Lopez
Mark Simms
Kendra Little
Andre Kamman

Now you might be noticing that there are six names when I said that there would only be 4 judges plus one for the finals.  Because of how tight the schedule at the PASS Summit is we can’t have the same judges judging all the sessions, so we decided to break things up a little, which gives us a chance to work with an amazing new judge for this year, Kendra Little.

The way the judging lineup will land will as follows.

  Wednesday Thursday Friday Finals
Joey X X X X
Allan X X X
Karen X X X X
Mark X X X X
Kendra X
Andre X

I think that we’ve got a really great lineup of judges for this years Speaker Idol. Each one of our judges is a very well known speaker and they’ll all be able to give really great feedback to our contestants.

I’d really like to thanks our judges for offering to give up some a large chunk of time at the summit to do this (there’s only so many sessions at the summit, and this is a big chunk of time).

I’m really looking forward to this years speaker idol, I know everyone is going to go great.

And I’ll see everyone Wednesday at the first speaker idol session.


September 23, 2016  6:31 PM

Recommended reading from mrdenny for September 23, 2016

Denny Cherry Denny Cherry Profile: Denny Cherry
Apache Spark, Azure, SQL Server, VMware

This week I’ve found some great things for you to read. These are a few of my favorites that I’ve found this week.

Hopefully you find these articles as useful as I did. Don’t forget to follow me on Twitter where my username is @mrdenny.


September 19, 2016  11:48 PM

Announcing your PASS Summit 2016 Speaker Idol Contestants

Denny Cherry Denny Cherry Profile: Denny Cherry

Well the time has come to announce the PASS Summit 2016 Speaker Idol contestants.  We had a great group of people submitPASS 2015_SpeakerIdol_Banners_440x220 to present at the speaker idol, and I have to say that the selection process was quite tough.  But thankfully it’s all over, the folks who have been accepted into this years event have been told (and they replied).  Those you weren’t selected have been notified.

All that’s left now is to tell everyone else.  The speaker order for each day will match what’s listed here.




Daniel Janik
Martin Catherall
Kevin G. Boles
Eric Peterson
Amy Herold
Tom Norman
Shabnam Watson
Tzahi Hakikat
Brian Carrig
Todd Kleinhans
Peter Kral
Robert Verell

For openness, I do know a few of these folks, but that wasn’t taken into account when I sorted the list.  As I’m not a judge what I want has no effect on the outcome.

By the Friday afternoon of the PASS Summit we will know which one of these will be the first speaker announced for the PASS Summit 2017.

Speaker idol sessions this year will be in room TCC Yakima 1 (go through the dining hall, down the escalators into the TCC). The Wednesday, and Thursday sessions will be held at 4:45pm. The Friday session will be at 11am. The finals will be at 3:30pm all in the same room. You can find the Speaker Idol sessions published on the schedule. You can either search for “Idol” or “Denny” and you’ll find the Speaker Idol Sessions so you can add them to your schedule.

Thanks for supporting PASS, thanks for supporting Speaker Idol, and be sure to swing by the Consultants Corner booth in the exhibit hall at booth 316 to get scanned for our prize drawing and to pick up some of our awesome swag!


September 13, 2016  1:54 AM

If your post title doesn’t represent your article, you have failed as a writer

Denny Cherry Denny Cherry Profile: Denny Cherry

I was minding my own business scrolling through Facebook while sitting on thliese airport shuttle to the rental car lot when I ran across the steaming pile of BS shown in the image to the right.  If you aren’t into reading graphics the title of the article is “My Eight Dollar Flight Upgrade Trick” (which I won’t link to).  In the article the author talks about how he buys candy for the flight attendants so that they are nicer to him (shocking, buying gifts for people make it so they are nicer to you).

In this article the author actually says that he doesn’t do this to get an upgrade (there’s a nice humble brag about getting upgraded all the time due to his status), in fact he doesn’t say that this ever works (hint: it doesn’t because upgrades are almost always handled by the computer in order; and are done by the gate agent not the flight attendant).

This is what we call click bait.  This happens when the author has written such a crap article, usually about nothing with no actual substance, that they have to trick you into clicking on the article in order to get page views.  When the editors look at the number of page views that they article gets the number looks great, so the author keeps getting contracts to write articles (because clicks and views equal ad revenue).  You’ve seen these before on Facebook and Twitter.  They come up in all walks of live from IT articles, travel articles, news articles, politics (political authors are REALLY good a writing BS).

When you see this stuff, leave comments about the title being BS. Write to the editors, or better yet if the title seems like crap, just don’t read the article.


September 9, 2016  5:18 PM

Recommended reading from mrdenny for September 9, 2016

Denny Cherry Denny Cherry Profile: Denny Cherry
SQL Server

This week I’ve found some great things for you to read. These are a few of my favorites that I’ve found this week.

Hopefully you find these articles as useful as I did. Don’t forget to follow me on Twitter where my username is @mrdenny.


September 7, 2016  7:32 PM

PASS Summit 2016 Attendee Orientation Webcast

Denny Cherry Denny Cherry Profile: Denny Cherry

On October 7th at 11am PST / 2pm EST join me (Denny Cherry) at the PASS Summit 2016 Attendee Orientation. DuriPASS_16_SpeakingSmall_250x250ng this webcast we’ll cover everything you need to know about the PASS Summit, before attending the PASS Summit. This includes hotels, rental cars, parties, places t o eat, getting around the city and the convention center.

By the end of this webcast Seattle and the PASS Summit will feel like your second home.

Register today to hold your spot for this free webcast, and we’ll see you on the 7th.


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: