SEARCH RESULTS
 
Showing 1-10 of 108 records
 

Giving SQL Injection the Respect it Deserves

2008-05-15 18:45:00 by sdl in The Security Development Lifecycle
 
...SQL injection attack. The malicious SQL payload is very well designed, somewhat database schema agnostic and generic so it could compromise as many database servers as possible. While the attack was a SQL injection attack that attacked and compromised back-end databases courtesy of vulnerable Web pages, from a user's perspective the real...
 
 
 
 
 

SQL Server - Fact Checking Recent Vulnerability History

2008-03-05 22:53:36 by jrjones in Jeff Jones Security Blog
 
...SQL Server had "... most vulnerabilities last year of any commercial database..." That is a big error, though it may be a misquote or a miscommunication. Certainly, if you go look at the current version of the original article, the incorrect statement has been removed. However, given that as of today, some versions of the article containing...
 
 
 
 
 

Tips for scheduling and testing SQL Server backups

2008-04-01 13:43:35 by Heidi Sweeney in WhatIs: Enterprise IT tips and expert advice
 
Whether you're using SQL Server or SQL Server Express Edition, these tips for scheduling backups will lead you to a successful restore. You'll learn how to schedule backups in SQL Server via the SQL Server Agent and in SQL Server Express using Windows Task Scheduler. SQL Server expert Denny Cherry also shares how to test and secure your backups
 
 
 
 
 

SQL injection compromises MLSgear.com customer information

2008-02-11 09:27:06 by Evan Francen in The Breach Blog
 
...SQL injection attacks carried out on the MLSgear.com web site between January and August, 2007 Reference URL The New Hampshire State Attorney General breach notification Computerworld online story PogoWasRight.org report Report Credit The New Hampshire State Attorney General Response From the online sources cited above It has recently...
 
 
 
 
 

SQL and SQL Server Tutorial and Reference Guide

2008-04-22 10:56:19 by Heidi Sweeney in WhatIs: Enterprise IT tips and expert advice
 
SQL (Structured Query Language) is the language of databases. This Back to Basics SQL tutorial and reference guide provides a great starting point and foundation for learning SQL or brushing up your skills
 
 
 
 
 

SQL Server PerfMon counters for access methods and buffer manager

2008-04-29 13:18:07 by Heidi Sweeney in WhatIs: Enterprise IT tips and expert advice
 
...SQL Server DBA," SQL Server MVP Kevin Kline focuses specifically on SQL Server counters. Kline shares best practices for using access method counters to watch for IO intensive operations, such as full table or clustered index scans and page splits. You'll also learn why it's important to monitor the buffer manager in SQL Server, that is, keep...
 
 
 
 
 

WebGoat 1: SQL Injection Demonstration

2007-11-14 01:19:49 by Editor in Irongeek's Security Site
 
...SQL Injection Demonstration SQL injection is a common web application attack that focuses on the database backend. WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. I plan to use WebGoat for a few future videos. This first WebGoat video will show the basics of...
 
 
 
 
 

How to use the LEFT vs. RIGHT OUTER JOIN in SQL

2008-03-04 12:06:02 by Abbey M. Weintraub in WhatIs: Enterprise IT tips and expert advice
 
Learn how to use LEFT vs. RIGHT OUTER JOINs in this excerpt from "SQL Queries for Mere Mortals: A Hands-On Guide to Data Manipulation in SQL, Second Edition." You'll learn how to define a SQL OUTER JOIN by using multiple tables and how to use the SELECT statement and embed JOINs with these techniques for creating simple queries
 
 
 
 
 

SQL Server PerfMon counters for tracking Windows memory

2008-03-06 11:26:32 by Heidi Sweeney in WhatIs: Enterprise IT tips and expert advice
 
In part 1 of this series on "PerfMon counters for the SQL Server DBA," SQL Server MVP Kevin Kline walks you through significant PerfMon counters for tracking Windows memory. In this screencast, you'll learn the maximum numbers to watch for when using PerfMon counters as a method to avoid memory pressure in your SQL Server system