SQL Server with Mr. Denny:

SecurityFightClub

1

January 7, 2010  11:00 AM

Not everything needs a public IP address.



Posted by: Denny Cherry
SecurityFightClub, Storage

For those of you in bigger shops you can probably ignore this.  If you work in a smaller shop where everything in the datacenter has a public IP, this post is for you.

Bookmark and Share     0 Comments     RSS Feed     Email a friend

August 6, 2009  11:02 AM

What do you mean I can’t access my own database when trying to attach it?



Posted by: Denny Cherry
Attaching Database, Database security, NTFS Permisions, SecurityFightClub, SQL Server

When you detach a database from Microsoft SQL (I'm talking SQL Server 2005 and up here) the SQL Server automatically changes the NTFS permissions on the file so that only the user who told the SQL Server to detach the file has access to them.  SQL Server does this to ensure that an unauthorized...


June 29, 2009  7:37 PM

If I wanted to learn the law, I would have been a lawyer



Posted by: Denny Cherry
Data Encryption, Database Administration, Encryption, Lawyers, SecurityFightClub, Transparent Data Encryption

So your probably a lot like me, you were a teen who liked to play with computers and you managed to end up in IT.  This is awesome you figured, I play with computers and someone actually pays me for this. During the 90’s life was good, there wasn’t any regulations to deal with, you followed...


June 11, 2009  11:00 AM

Who’s been logging into my SQL Server?



Posted by: Denny Cherry
ERRORLOG, LOGIN, Security, SecurityFightClub, SQL Server 2000, SQL Server 2005, SQL Server 2008

Knowing who has been logging into your SQL Server is one of the key things to know about your SQL Server.  It lets you know quite a bit about who’s using your server, and about who’s been trying to break into your SQL Server, and most importantly if they have succeeded. Obviously you can...


May 28, 2009  11:00 AM

What’s the difference between encrypted data and hashed data?



Posted by: Denny Cherry
Database, Database security, Encryption, Hashing, Security, SecurityFightClub

The biggest difference between encrypted data and hashed data is that encrypted data can be decrypted later.  Hash algorithms such as MD5 are one way hashing algorithms which means that the value that is returned can't be decrypted back to the original value. It is important to know the...


April 28, 2009  4:51 AM

Why should the DBA care about Network Firewalls?



Posted by: Denny Cherry
Networking, Security, SecurityFightClub, SQL Server

All to often I see people online asking some sort of question about connecting to their CoLo'ed SQL Server and they connect directly over the Internet.  This is nuts people.  If you can access your SQL Server via Management Studio from anywhere on the Internet so can people who would love to...


January 2, 2009  8:46 PM

Mirroring isn’t a backup solution



Posted by: Denny Cherry
Backup & recovery, Database security, JournalSpace.com, SecurityFightClub, SQL Injection

In case you live under a rock and haven't heard about Journalspace.com's little mistake, they have gone out of business due to a database problem.  Here's a


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: