acheter chaussures christian louboutin 2014

acheter chaussures puma 2014

acheter chaussures nike air jordan 2014

Wednesday, October 07, 2015     | Register
Login Security


My Kerberos Checklist…


Kerberos….. The dreaded K word …. Adam Saxton de-mystifies the beast in this great post ... Source : Adam W. Saxton - CSS SQL Server Engineers - Blog Post



Unravelling Active Directory


Understanding how a user has access to a database can be difficult when multiple levels of Active Directory group membership is involved. In this post, Linchi provides a perl script to make this process much easier ... Source : Linchi Shea -



Logins, Users and SIDs


In this post, Greg walks us through a number of options for linking users and logins whose SID values have been displaced ... Source : Greg Low -



Listing Objects Owned by a Server Principal


Brian shares a script which can be used to list all objects owned by a given login in any database ... Source : K. Brian Kelley -



Limiting connections to a specific application


Aaron lets us in on a little known SQL Server feature; the ability to restrict connections to a particular application ... Source : Aaron Bertrand -



Configuring Kerberos Authentication


Brian does a great job of tackling a tricky and often misunderstood topic; Kerberos Authentication ... Source : K. Brian Kelley -



Public Role Permissions


A number of security breaches originate from the public role having too many permissions. In this post, Tim shares a script which lists the permissions granted to this role ... Source : Tim Ford -



Row Level Security


For certain environments and applications, row level security, that is, blocking access to particular rows for given users, is crucial. In this article, Brian discusses a number of techniques for implementing this ... Source : K. Brian Kelley -



Alerts for Repeated Login Failures


A great example of the power of combining monitoring and automation; in this article, David walks us through the process of setting up monitoring and alerts for repeated login failures ... Source : David Bird -



Windows Groups; Management Challenges for SQL Server Logins


The Windows Authentication mode allows logins to be defined for both Windows users and groups. As Laurentiu points out in this blog post, whilst adding Windows Groups can simplify management, they come with some additional considerations, particularly around object ownership and default databases/schemas ... Source : Laurentiu Cristofor - - Blog Post



SIDs, Orphaned Users and users without a login


Laurentiu addresses some common misconceptions about orphaned and login-less users that result from moving databases between servers and/or deleting logins ... Source : MSDN Blogs - Laurentiu Crisofor - Blog Post



pwdencrypt and pwdcompare


Laurentiu takes us through the details of using the undocumented commands pwdencrypt and pwdcompare and how they can be used to identify weak SQL passwords ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post




SQL Server 2008 Auditing Whitepaper


The SQL Server 2008 Auditing Whitepaper. Includes coverage of the performance impact of auditing under various workloads ... Source : - Whitepaper



Auditing in SQL Server 2008


Need to audit select statements on a specific table? In SQL 2005, this was not possible without 3rd party tools or using stored procs to create a custom solution. In 2008, we can use the new and enhanced auditing feature, as Aaron points out in this posting ... Source : Aaron Bertrand - - Blog Post



SQL Audit Buffering and Error Handling


The new SQL Audit Feature in SQL Server 2008 provides significant auditing improvements over earlier versions. The focus of this post is on the buffering and error handling aspects including coverage of the impacts of the QUEUE_DELAY setting ... Source : SQL Server Security Blog - - Blog Post



Tuning Change Data Capture Performance


This whitepaper describes methods for maximizing the performance of Change Data Capture implementations ... Source : - Whitepaper



Standardized SQL Server 2008 Audit


Lara provides several scripts to help get us started on creating standardized SQL Server audits ... Source : Lara Rubbelke -


SQL Injection, Malware & Viruses


One of the (many) benefits of Stored Procedures


In addition to reducing Adhoc SQL induced cache bloat, Stored Procedures increase security by avoiding the need to grant permissions to underlying tables. In this post, Tony Rogerson uses an example of a recent SQL Injection Robot to highlight this point ... Source : Tony Rogerson - - Blog Post



Source Code Analyzer for SQL Injection


To help against the increasing amount of SQL Injection attacks, Microsoft has released a tool to analyze ASP and ASP.NET source code for SQL Injection vulnerabilities. This blog post provides a link the download along with a description of the tool including code examples for analyzing directories of multiple asp files. ... Source : - MSDN Blog Post



Web Application Firewalls


SQL Server MVP Jason Massie discusses a (temporary) alternative to editing large amounts of ASP code to prevent SQL Injection Attacks ... Source : Jason Massie - - Blog Post



SQL Rover


SQL Rover will recursively search through a directory, generally your IIS log directory, and look inside of the logs for possible SQL Injections ... Source :



Security Vulnerabilities


A great article containing various techniques used for injection, brute force, port scanner and xp_cmdshell attacks. Some scary reading here …. ... Source : - Article



Malware to Attack Databases


This paper is about Data0, a fictitious malware that will automatically hack database servers and steal their data. Several techniques used by Data0 will be detailed. While Data0 could be used by the bad guys for evil purposes, it could also be used by security professionals and organizations to determine how strong networks, workstations, database servers, etc. are against this kind of attack. This paper is not intended to be a cook book for cyber criminals, it's intended to show people that by implementing simple techniques malware can become “smarter” and cause a lot more damage in the very near future ... Source :



SQL Injection


In this post, Aaron uses a recent article on a "Massive Injection attack" to highlight some best practices in locking down SQL Server to prevent similar injection attacks ... Source : Aaron Bertrand - - Blog Post

Firewalls & Network Configuration


The Database Exposure Survey 2007


A frightening read which highlights the number of internet exposed database servers ... Source : Next Generation Security Software -



Troubleshooting Kerberos Issues


In this article, Adam Saxton starts down the long road of double-hop troubleshooting by providing a gentle introduction to Kerberos, and how to recognize Kerberos SQL related issues ... Source : Adam Saxton - Microsoft SQL Server Support Blog - Blog Post



TCP Port Assignment


When choosing a static TCP port for a SQL Instance, care should be taken to avoid port numbers used by other applications. This resource from lists all registered application port numbers and points out the safe range (49152 through 65535) for private port assignment ... Source :



SQL Server & Firewalls


With Windows Server 2008 being the first Server OS to enable the Windows Firewall by default, now is a great time to review the SQL Server firewall strategy. This post provides a five step approach for achieving best practice firewall configuration for SQL Server ... Source : - MSDN Blog Post 

Least Privilege & Best Practices


SQL Server Agent job/user contexts


It's sometimes a little confusing trying to work out the security context of a SQL Server agent job. In this post, Tibor helps us in that very task ... Source : Tibor Karaszi -



Implementing Database Object Schemas


A great whitepaper explaining the benefits of Database Object Schemas. As well as listing a number of best practices, it explains how schemas can be used to protect database objects from unintended access/modification as well as simplifying administration ... Source : Michael Redman - - Technical Article



SQL Server 2008 Compliance Guide


This whitepaper provides an overview of the SQL Server 2008 features that can be utilized for compliance purposes. As well as covering Policy Based Management, it covers security techniques such as separation of duties, encryption and auditing ... Source : - Whitepaper



SQL Server 2008 Security Overview for Database Administrators


SQL Server 2008 is secure by design, default, and deployment. Microsoft is committed to communicating information about threats, countermeasures, and security enhancements as necessary to keep your data as secure as possible. This paper covers some of the most important security features in SQL Server 2008. It tells you how, as an administrator, you can install SQL Server securely and keep it that way even as applications and users make use of the data stored within ... Source : - Whitepaper



SQL Server 2005 Security Best Practices - Operational and Administrative Tasks


This white paper covers some of the operational and administrative tasks associated with SQL Server 2005 security and enumerates best practices and operational and administrative tasks that will result in a more secure SQL Server system ... Source : - Technet Article



Common SQL Server Security Issues and Solutions


In this article, Paul tackles a number of important security issues from physical and network security through to SQL Injection, auditing and service accounts ... Source : Paul Randal - Technet Magazine



Script to determine permissions in SQL Server 2005


A great article from outlining the usage of the fn_my_permissions function to return the current permissions of a specific user at various levels in a given database or at the server level ... Source : - Article



Separation of Duties


Despite "Least Privilege" and "Separation of Duties" being fundamental security concepts, they are frequently overlooked, often with disastrous consequences. Amongst other topics, this article covers user/schema separation, and how it can be used to create more secure database applications ... Source : - MSDN Technical Article



Alternatives to xp_cmdshell


Raul Garcia offers some alternatives to enabling the potentially dangerous xp_cmdshell including CLR and TSQL with EXECUTE AS ... Source : MSDN Blogs - Raul Garcia - Blog Post



The TRUSTWORHY bit database property in SQL Server 2005


Raul offers some best practices regarding the use of the Trustworthy bit property introduced in SQL 2005. ... Source : MSDN Blogs - Raul Garcia - Blog Post 



SQL Server 2000 Security Checklist


Provides a summary of best practices for SQL Server 2000 and links to in depth security articles ... Source : - Technet Article





Transparent Data Encryption in SQL Server 2008


Laurentiu provides an excellent coverage of the new Transparent Data Encryption (TDE) feature in SQL Server 2008 ... Source : MSDN Blogs - Laurentiu Crisofor - Blog Post



SQL Server Cryptography


A great overview of how cryptography is used throughout SQL Server, from authentication and permissions through to the various encryption methods ... Source : - MSDN Technical Article



Password Authentication


Laurentiu compares 4 methods for password authentication; store clear, store encrypted, store hash and store salted hash ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post



Encryption Techniques Compared


A great article on MSDN comparing various data encryption techniques. Transparent Data Encryption in 2008 is compared with cell level encryption in 2005 (also supported in 2008) as well as BitLocker and EFS ... Source : - Article



Why you should not encrypt data with certificates


In this blog post, Laurentiu argues the case to only encrypt data in SQL 2005 using symmetric keys ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post



How to determine the size of Encrypted Data


Encrypted data is larger than unencrypted data. But how much larger? ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post



Restoring databases in SQL 2005 that use encryption


If the Service Master Key (SMK) is dropped for tighter control it needs to be regenerated following a database restore. Laurentiu takes us through the process in this blog post. Update: How to recover when the service master key (SMK) is not accessible  ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post



How SQL Server uses Certificates


How does SQL Server use Certificates internally to encrypt data? Laurentiu explains in this Blog Post ... Source : MSDN Blogs - Laurentiu Cristofor - Blog Post



SSL Encryption


In this post, Brad discusses the end result of a number of client and server encryption settings ... Source : Brad Sarsfield - - Blog Post



SQL Encryption


Microsoft Whitepaper that explores the encryption features in SQL Server 2005 ... Source : - Download



SQL Server 2008 Encryption


SQL Mag article covering database encryption in SQL Server 2008 including Extensible Key Management and Hardware Security Modules - SQLMag subscription required to view this article ... Source : - Article



Microsoft IT Showcase ; Improving Data Security by Using SQL Server 2005


Detailed discussion describing how Microsoft IT uses SQL Server 2005 to improve data security for its line-of-business applications. SQL Server 2005 enabled Microsoft IT to implement column-level encryption together with a robust, and yet easy-to-use encryption key management framework ... Source : - Download



SQL Server 2000 C2 Administrator's and User's Security Guide


This book is designed to help you install and use a C2-level certified SQL Server ... Source : - Technet Article



Using SQL Server in FIPS Compliance Mode


FIPS stands for Federal Information Processing Standard. A FIPS is a standard developed by two government bodies. One is NIST, the National Institute of Standards and Technology, in the United States. The other is CSE, the Communications Security Establishment, in Canada. FIPS are standards that are either recommended or mandated for use in federal (either U.S. or Canadian) government-operated IT systems ... Source : - Knowledge Base Article



Can encryption make you more vulnerable?


Laurentiu blogs about a recent article that argues how encrypting data may actually increase vulnerability. An excellent read ... Source : Laurentiu Christofor - - Blog Post



Copyright (c) 2015   |  Privacy Statement  |  Terms Of Use

acheter chaussres nike air max 2014

acheter chaussures nike free run 2014