SqlServerKudos - Stories tagged with Security

Security

atom rss
1
kudos
spam Kudos Remove

SQL Server Connnection errors: "No process is on the other end of the pipe" or "An existing connection was forcibly closed by the remote host"
published 16 days, 5 hours, 53 minutes ago posted by sasa 25 days, 4 hours, 9 minutes ago
Thursday, July 15, 2010 2:12:44 PM GMT Tuesday, July 06, 2010 3:56:26 PM GMT
SQL Server Connnection errors: "No process is on the other end of the pipe" or "An existing connection was forcibly closed by the remote host"
This is a typical error during the connection attempt to a SQL Server 2005 instance, this morning I was faced with similar issue at workplace. Initially I was confused why it is specifying the error: NO process is on the other end of pipe, which gives the thought about using Named-pipes protocol for that SQL instance. To ensure the TCP/IP and/or Named-pipes are enabled I have gone through SQL Server Surface Area Configuration tool as below: Start > Microsoft SQL Server 2005 > Configuration...(read more) (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: .NET, certificate, Connections, framework, installallation, named pipes, Security, SQL Server, surface, tcp-ip
1
kudos
spam Kudos Remove

Msg 916, Level 14, State 1, Procedure Line 0 server principal "sa" is not able to access the database "DBName" under the current security context
published 23 days, 6 hours, 23 minutes ago posted by sasa 31 days, 4 hours, 39 minutes ago
Thursday, July 08, 2010 1:42:05 PM GMT Wednesday, June 30, 2010 3:26:43 PM GMT
Msg 916, Level 14, State 1, Procedure Line 0 server principal "sa" is not able to access the database "DBName" under the current security context
A typical error suggesting that user is unable to access the database within the security context, I would say it is serious one. Why I said typical at the beginning that it is not a regular error number you should see within the day-to-day stuff, a brief overview on BOL about the text reveals that when you run a TSQL statement to raise the DDL related actions such as trigger then youw will get such message. Also further to that note KBA913422 refers that this occurs when following conditions are...(read... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: css, data file, DDL triggers, impersonate, Implicit conversion, Security, SQL Server, trigger, trustworthy, TSQL
1
kudos
spam Kudos Remove

TSQL to obtain the logins provisioned in the SQL Server sysadmin fixed server
published 24 days, 6 hours, 28 minutes ago posted by sasa 31 days, 6 hours, 49 minutes ago
Wednesday, July 07, 2010 1:37:08 PM GMT Wednesday, June 30, 2010 1:16:43 PM GMT
TSQL to obtain the logins provisioned in the SQL Server sysadmin fixed server
In followup to the blog post about SQL Server 2008 Security gotcha: BUILTIN\Administrator is no longer SYSADMIN, only in case of? here I had an email asking about how to determine the logins provisioned in the SQL Server sysadmin fixed server. Here is the TSQL that I got from CSS person when troubleshooting a problem to obtain the above result: SELECT p.name AS [Name] FROM sys.server_principals r INNER JOIN sys.server_role_members m ON r.principal_id = m.role_principal_id INNER JOIN sys.server_principals... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: builtin\administrator, privilege, Security, server principal, SQL Server, TSQL
1
kudos
spam Kudos Remove

SQL Server 2008 Security gotcha: BUILTIN\Administrator is no longer SYSADMIN, only in case of?
published 24 days, 6 hours, 28 minutes ago posted by sasa 32 days, 6 hours, 50 minutes ago
Wednesday, July 07, 2010 1:37:08 PM GMT Tuesday, June 29, 2010 1:15:59 PM GMT
SQL Server 2008 Security gotcha: BUILTIN\Administrator is no longer SYSADMIN, only in case of?
Here is an interesting 'sql security' discussion I had during the SASSUG usergroup interaction with regard to BUILTIN\Administrator role from SQL Server 2008 onwards. Since SQL Server 2005 the instance has been classified as 'secured by design/default' by cutting down the elevated access to the SQL Server. From the operating system side login privilege, by default SQL adds the group BUILTIN\Administrators to the sysadmin fixed server role, meaning that any local NT administrator is automatically...(read ... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: access, Best Practices, builtin\administrator, control, DAC, DBA, dedicated admin console, registry, Security, SQL Server, UAC, windows authentication
1
kudos
spam Kudos Remove

SQL Server 2008 Best Practices Analyzer (BPA) available for download
published 31 days, 6 hours, 59 minutes ago posted by sasa 40 days, 7 hours, 59 minutes ago
Wednesday, June 30, 2010 1:06:43 PM GMT Monday, June 21, 2010 12:06:31 PM GMT
SQL Server 2008 Best Practices Analyzer (BPA) available for download
In followup to the SQL Server 2008 Best Practices Analyzer - keep an eye for the release post here, CSS SQL Server Engineers from PSSQL blog have announced that final development and testing were completed on the tool and it is now available for you to download at this location . The BPA tool gone through an overhaul from CSS SQL team on rules logic, design and guidance for known configuration settings, so it is nothing but scanning and getting most of real-world review of your environment. Also...(read ... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: best practice analyzer, bpa, Compatibility, DBA, Documentation, download, policy based framework, rules, Security, SQL Server, Tool
1
kudos
spam Kudos Remove

Microsoft Security Bulletin Summary for June 2010 - Bulletin MS10-033
published 43 days, 7 hours, 54 minutes ago posted by sasa 52 days, 8 hours, 25 minutes ago
Friday, June 18, 2010 12:11:40 PM GMT Wednesday, June 09, 2010 11:40:43 AM GMT
Microsoft Security Bulletin Summary for June 2010 - Bulletin MS10-033
This bulletin summary lists security bulletins released for June 2010. The full version of the Microsoft Security Bulletin Summary for June 2010 can be found at http://www.microsoft.com/technet/security/bulletin/ms10-jun.mspx . With the release of the bulletins for June 2010, this bulletin summary replaces the bulletin advance notification originally issued on June 3, 2010. For more information about the bulletin advance notification service, see http://www.microsoft.com/technet/security/Bulletin/advance... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: bulletin, download, microsoft, notification, search, Security, team, technical, update
1
kudos
spam Kudos Remove

Error: 17308, Severity: 16, State: 1. LazyWriter: Process 4 generated an access violation. SQL Server is terminating this process
published 51 days, 8 hours, 30 minutes ago posted by sasa 60 days, 10 hours, 51 minutes ago
Thursday, June 10, 2010 11:35:38 AM GMT Tuesday, June 01, 2010 9:14:44 AM GMT
Error: 17308, Severity: 16, State: 1. LazyWriter: Process 4 generated an access violation. SQL Server is terminating this process
Transparent Data Encryption (TDE) is the good feature that has been enhanced in SQL Server 2008, that will help secure the database such as designing a secure system, encrypting confidential assets, and building a firewall around the database servers. Whenever you consider the security of data platform you will think about passwords, access (physical) to the server and chances are high that a malicious party can just restore or attach the database and browse the data. So thats where the data encryption..... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: affinity mask, i/o, Performance, Security, SQL Server, tde, transparent data encryption
1
kudos
spam Kudos Remove

Get the new Forefront Protection 2010 for Sharepoint Trial
published 77 days, 10 hours, 25 minutes ago posted by sasa 85 days, 12 hours, 44 minutes ago
Saturday, May 15, 2010 9:40:39 AM GMT Friday, May 07, 2010 7:21:20 AM GMT
Get the new Forefront Protection 2010 for Sharepoint Trial
Get the New Forefront Protection 2010 for SharePoint Trial Microsoft Forefront Protection for SharePoint provides essential building blocks for secure collaboration by helping to prevent users from uploading or downloading documents containing malware, out-of-policy content, or sensitive information to SharePoint libraries. Learn more......(read more) (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: download, forefront, microsoft, rtm, seamless, Security, SharePoint, trial
1
kudos
spam Kudos Remove

MS10-025 - Critical :: Microsoft Security Bulletin Re-Release
published 84 days, 10 hours, 54 minutes ago posted by sasa 93 days, 13 hours, 30 minutes ago
Saturday, May 08, 2010 9:11:15 AM GMT Thursday, April 29, 2010 6:35:17 AM GMT
MS10-025 - Critical :: Microsoft Security Bulletin Re-Release
Bulletin Information: ===================== * MS10-025 - Critical - http://www.microsoft.com/technet/security/bulletin/ms10-025.mspx - Reason for Revision: V3.0 (April 27, 2010): Revised bulletin to offer the rereleased security update for Windows Media Services running on Microsoft Windows 2000 Server Service Pack 4. Microsoft recommends that customers running the affected software apply the rereleased security update immediately. - Originally posted: April 13, 2010 - Updated: April 27, 2010 - Bulletin.... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: 2000, Best Practices, bulletin, microsoft, Security, windows
1
kudos
spam Kudos Remove

SQL Server Management Data Warehouse - quick tour on setting health monitoring policies
published 106 days, 12 hours, 36 minutes ago posted by sasa 116 days, 10 hours ago
Friday, April 16, 2010 7:29:56 AM GMT Tuesday, April 06, 2010 10:05:27 AM GMT
SQL Server Management Data Warehouse - quick tour on setting health monitoring policies
Profiler, Perfmon, DMVs & scripts are legendary tools for a DBA to monitor the SQL arena. In line with these tools SQL Server 2008 throws a powerful stream with policy based management (PBM) framework & management data warehouse (MDW) methods, which is a relational database that contains the data that is collected from a server that is a data collection target. This data is used to generate the reports for the System Data collection sets, and can also be used to create custom reports. All...(read more) (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: Best Practices, DBA, edition, executesql, management data warehouse, mdw, Monitoring, pack, packages, policies, Security, SQL Server
1
kudos
spam Kudos Remove

Avoid SQL Injection with Parameters
published 106 days, 12 hours, 36 minutes ago posted by sasa 116 days, 12 hours, 10 minutes ago
Friday, April 16, 2010 7:29:56 AM GMT Tuesday, April 06, 2010 7:55:27 AM GMT
Avoid SQL Injection with Parameters
The best way to avoid SQL Injection is with parameters. With parameters you can’t get SQL Injection. You only get SQL Injection where you are building a SQL statement by concatenating your parameter values in with your SQL statement. Annoyingly many TSQL...(read more) (more)
category: News | clicked: 0 | comment | | source: sqlblogcasts.com
tags: best practice, Security, Tips and Tricks, TSQL
1
kudos
spam Kudos Remove

SQL Server Memory Cache - take help of DMV for optimal query plans
published 149 days, 14 hours, 40 minutes ago posted by sasa 156 days, 17 hours, 15 minutes ago
Thursday, March 04, 2010 5:25:55 AM GMT Thursday, February 25, 2010 2:50:20 AM GMT
SQL Server Memory Cache - take help of DMV for optimal query plans
SQL Server query optimization and keepup of performance is not a black-art, it can be achieved in a fair manner if you treat your queries with plans with a are reused or recompiled plans that can help you design well-performing applications. There are ways to add a plan or data to the SQL Server cache or to remove a plan or data from SQL Server cache, but these techniques are only recommended for testing or troubleshooting purposes. The key point is more you understand about optimal query plans,...(read ... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: benchmarking, best practice, BOL, cache, configuration, Memory, plan guide, Query, Security, SQL Server, technet
1
kudos
spam Kudos Remove

Build an Alert mechanism by using Analysis Management Objects (AMO) - implement SQL Server 2008 OLAP Best Practices
published 162 days, 15 hours, 36 minutes ago posted by sasa 168 days, 16 hours, 56 minutes ago
Friday, February 19, 2010 4:29:33 AM GMT Saturday, February 13, 2010 3:09:54 AM GMT
Build an Alert mechanism by using Analysis Management Objects (AMO) - implement SQL Server 2008 OLAP Best Practices
SQL Server 2008 offers Analysis Management Objects (AMO) a complete library of classes designed to manage an instance of Analysis Services from a client application in managed code under the .NET Framework version 2.0. What I believe on the usage of these AMO in Analysis Services 2008 will alert you whenever best practice is not being followed: suggestions and warnings are delivered by AMO and are identified by a curvy blue line underneath the object in question. The message is displayed when you...(read... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: amo, Analysis Services, benchmarking, Best Practices, Books Online, management objects, Security, SQL Server
1
kudos
spam Kudos Remove

Customer Ready Guidelines for Security Advisory 979352 Updated (IE6 Vulnerability) - Get your IE6 browsers to upgrade to IE8
published 181 days, 20 hours, 15 minutes ago posted by sasa 191 days, 8 hours, 9 minutes ago
Saturday, January 30, 2010 11:50:28 PM GMT Thursday, January 21, 2010 11:56:23 AM GMT
Customer Ready Guidelines for Security Advisory 979352 Updated (IE6 Vulnerability) - Get your IE6 browsers to upgrade to IE8
Here is the advisory guidelines email from Microsoft Security that I would like to share: Microsoft is aware of public exploit code released that impacts customers using Internet Explorer 6. Customers using Internet Explorer 8 are not affected by currently known attacks and exploits due to the improved security protections in IE8. To help protect our customers, we recommend that all customers immediately upgrade to Internet Explorer 8 . Customers should also consider applying the workarounds and...(read ... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: best practice, blogs, guide, internet explorer, microsoft, msdn, Security, Upgrade
1
kudos
spam Kudos Remove

Recently updated Microsoft SQL Server 2008 Standard Knowledge Base Articles
published 184 days, 20 hours, 25 minutes ago posted by sasa 194 days, 8 hours, 29 minutes ago
Wednesday, January 27, 2010 11:40:06 PM GMT Monday, January 18, 2010 11:36:34 AM GMT
Recently updated Microsoft SQL Server 2008 Standard Knowledge Base Articles
The following pages were recently modified. Source: Knowledge Base Product: Microsoft SQL Server 2008 Standard Notification Contents: New and Major Modifications SQL Server 2008 setup may fail with "Setup Failure in SetupActionName: (more)
category: News | clicked: 1 | comment | | source: sqlserver-qa.net
tags: communication, kba, network, package, Security, SQL Server, SSIS, version7
1
kudos
spam Kudos Remove

Business Intelligence - how to determine the configuration settings for a data mart or warehouse project - notes from field
published 210 days, 22 hours, 25 minutes ago posted by sasa 220 days, 10 hours, 32 minutes ago
Friday, January 01, 2010 9:40:24 PM GMT Wednesday, December 23, 2009 9:33:07 AM GMT
Business Intelligence - how to determine the configuration settings for a data mart or warehouse project - notes from field
Fast query response times and timely data refresh are two well-established performance requirements of Online Analytical Processing (OLAP) systems and to provide fast analysis, OLAP systems traditionally use hierarchies to efficiently organize and summarize data. The content of data warehouse (OLAP) database changes infrequently compared to that of transactional database (OLTP). By default the architecture and charter of data warehouse, the storage requirements increase over time and frequently reach...(... (more)
category: News | clicked: 3 | 1 comment | | source: sqlserver-qa.net
tags: Best Practices, business intelligence, i/o, Memory, olap, readonly, Security, settings, SQL Server
1
kudos
spam Kudos Remove

SQL Server Installation issues Rule "Long path names to files on SQL Server Installation media" failed
published 216 days, 22 hours, 48 minutes ago posted by sasa 226 days, 10 hours, 58 minutes ago
Saturday, December 26, 2009 9:17:54 PM GMT Thursday, December 17, 2009 9:07:47 AM GMT
SQL Server Installation issues Rule "Long path names to files on SQL Server Installation media" failed
Whenever you plan or proceed for a SQL Server installation, it requires the following steps: Review installation requirements, installation options, system configuration checks, and security considerations. Run SQL Server Setup to install, upgrade, or migrate to SQL Server. Use SQL Server utilities to configure SQL Server. The above process & procedures are followed regardless of whether you chose to use SQL2008 Installation wizard or install from command prompt. Coming on when you choose from...(read more) (more)
category: News | clicked: 2 | comment | | source: sqlserver-qa.net
tags: best practice, check, description, directory, disk, Installation, path, rules, Security, setup, SQL Server
1
kudos
spam Kudos Remove

Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes.
published 225 days, 23 hours, 28 minutes ago posted by sasa 235 days, 11 hours, 40 minutes ago
Thursday, December 17, 2009 8:37:44 PM GMT Tuesday, December 08, 2009 8:25:15 AM GMT
Wait on the Database Engine recovery handle failed. Check the SQL Server error log for potential causes.
One of the SQL Server 2008 upgrade process hampered with the error on the subject line and following text box was displayed: For some reason the similar issue hasn't been displayed when Upgrade Advisor has been chosen to find the first hand issues, as per http://sqlserver-qa.net/blogs/tools/archive/2008/01/22/upgrade-blurg.aspx and http://sqlserver-qa.net/blogs/tools/archive/tags/upgrade+advisor/default.aspx posts here. Coming to the root cause of the issue one of the KBA refers that .... this issue...(r... (more)
category: News | clicked: 0 | 2 comments | | source: sqlserver-qa.net
tags: access, policy based framework, sa, Security, SQL Server 2008, SQLServer, Upgrade, upgrade advisor
1
kudos
spam Kudos Remove

I am a forum spammer! Delete my account immediately!!
published 268 days, 2 hours, 29 minutes ago posted by sasa 277 days, 16 hours, 8 minutes ago
Thursday, November 05, 2009 5:36:44 PM GMT Tuesday, October 27, 2009 3:58:00 AM GMT
I am a forum spammer! Delete my account immediately!!
The subject may look confusing that 1 part of it confirms its a forum spammer and another part to delete that account!!! Here is the email text that I have received highlighting valueable advice on security: *********** This email address was created solely to register automatically at thousands of forums for the purposes of spamming forums like yours. Remove my account and any other account registered with my email address, and strongly consider strengthening your forum's password requirements....(read ... (more)
category: News | clicked: 1 | comment | | source: sqlserver-qa.net
tags: email, forum, foundation, password, Security, spam, team
1
kudos
spam Kudos Remove

Alert - Critical Product Vulnerability - October 2009 Microsoft Security Bulletin Release
published 277 days, 4 hours, 8 minutes ago posted by sasa 286 days, 16 hours, 48 minutes ago
Tuesday, October 27, 2009 3:57:57 PM GMT Sunday, October 18, 2009 3:17:46 AM GMT
Alert - Critical Product Vulnerability - October 2009 Microsoft Security Bulletin Release
This alert is to provide you with an overview of the new security bulletin(s) being released on October 13, 2009. Security bulletins are released monthly to resolve critical problem vulnerabilities. New Security Bulletins Microsoft is releasing the following 13 new security bulletins for newly discovered vulnerabilities: Bulletin ID Bulletin Title Maximum Severity Vulnerability Impact Restart Requirement Affected Software* MS09-050 Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517)...(re... (more)
category: News | clicked: 0 | comment | | source: sqlserver-qa.net
tags: alert, Best Practices, bulletin, microsoft, operating system, search, Security, vulnerability, windows
Previous 1 2 Next