Your Field Guide To Designing Security Into Networking Protocols

We'll go over some examples of attacks against protocols and rules following, which will help you when designing and implementing protocols of your own.

When you attach or detach a database, which...

New SQL Truncation Attacks And How To Avoid Them

In this article I will discuss some new ideas that can result in either modifying SQL statements or injecting SQL code even if the code has escaped the delimiting characters. I will start with some best practices for constructing delimited identifiers and SQL literals, and then I'll show you new ways attackers can inject SQL code in order to help you protect your applications.

Forensic Tamper Detection in SQL Server

The suggested method illustrates a way how such tampering by an authorized user can be detected. While this method doesn't provide tamper-prevention measures, but as there is no such thing as ultimate security, detection of such tampers will help maintaining the integrity of information in a great way

Making SA Work

There are quite a few changes in SQL Server 2005 and many of those relate to security. Did you know the sa account can be disabled by default? Longtime author Raj Vasant brings a basic look at connecting and authenticating in SQL Server 2005.

Anticipate the worst when developing SQL Server databases

Arthur Fuller advises DBAs to try to break their software in order to make sure their SQL Server databases can withstand potential attacks. See if your code can hold up to his suggested tests.

Can a particular event in SQL Server 2005,...

How many users can be added to an...

What algorithm is used to encrypt the Database...

Which protocols support Kerberos authentication on SQL Server...