Comments for Securing SQL Server

Comment on Other Books by Securing SQL Server 2nd Edition Coming Soon - SQL Server with Mr. Denny

Securing SQL Server 2nd Edition Coming Soon - SQL Server with Mr. Denny — Thu, 26 Apr 2012 14:01:28 +0000

[...] updated everything there for the new edition. You can always find the old edition listed on the Other Books page on that site or on the Books page on mrdenny.com. .topsy_widget_shortcode,div.topsy-sm [...]

Comment on Other Books by Securing SQL Server » Blog Archive » Securing SQL Server 2nd Edition Coming Soon

Tue, 24 Apr 2012 21:14:21 +0000

[...] Other Books [...]

Comment on Chapter 1 of “Securing SQL Server” is now available for free on Amazon. by custom database design

custom database design — Tue, 20 Mar 2012 16:55:24 +0000

custom database design…

[...]Securing SQL Server » Blog Archive » Chapter 1 of “Securing SQL Server” is now available for free on Amazon.[...]…

Comment on Kindle version of Securing SQL Server is available by mrdenny

mrdenny — Fri, 09 Mar 2012 03:15:30 +0000

All you should need to do is attach those files to the SQL Server using the stored procedure sp_attach_db. You can also use SQL Server Management Studio, by right clicking on Databases and select all tasks then select Attach Database.

Comment on Kindle version of Securing SQL Server is available by Leisha Modica

Leisha Modica — Fri, 09 Mar 2012 03:09:01 +0000

Greetings, I figured you will be able to help me. I have a Microsoft SQL .ldf and .mdf file that I need to restore. Any opinions on how to do this? Cheers

Comment on Exposing SQL Server to the public Internet is a pretty bad idea by http://westcampusconnect.asu.edu/?p=1543

http://westcampusconnect.asu.edu/?p=1543 — Thu, 05 Jan 2012 22:35:31 +0000

Title…

This is my Excerpt…

Comment on MySQL.com compromised via SQL Injection attack. Someone should have read Chapter 6. by pws frap

pws frap — Tue, 22 Nov 2011 05:17:11 +0000

pws frap…

[...]Securing SQL Server » Blog Archive » MySQL.com compromised via SQL Injection attack. Someone should have read Chapter 6.[...]…

Comment on Looks like MySQL isn’t the only company to be succeptable to a SQL Injection Attack (looking at you Barracuda) by Joe L.

Joe L. — Wed, 11 May 2011 18:17:49 +0000

If you only allow your app to hit stored procedures, you can prevent a hacker from running ad-hoc queries through SQL injection. When the web-dev groupo says they need ad-hoc SQL queries, just say no. If you really have to give ad-hoc access, grant it only to a DMZ schema and take care what you put in there.

Comment on Looks like MySQL isn’t the only company to be succeptable to a SQL Injection Attack (looking at you Barracuda) by Ayyappan

Ayyappan — Sat, 30 Apr 2011 15:22:35 +0000

Thank you Denny.

Comment on Looks like MySQL isn’t the only company to be succeptable to a SQL Injection Attack (looking at you Barracuda) by mrdenny

mrdenny — Tue, 12 Apr 2011 19:42:00 +0000

This is the catch with SQL Injection, as DBAs we can’t protect the databases from SQL Injection. This must be done from the application layer before the data gets to the SQL Server. By the time it gets to the SQL Server it is just to late. I talk about SQL Injection in chapter 6 of “Securing SQL Server”, there are lots of other books available on SQL Injection specifically.