One of the biggest threats in IT industry & Database world is unprecedented attacks aka most commonly termed as 'SQL injection'. There is no doubt that biggest database vendors, one of them as Microsoft so far providing recommendations regarding security-related configuration settings since...
Adding password complexity and password expiration to SQL Server logins is one of best feature I quote for SQL Server version 2005 onwards, similarly such password complexity policies are designed to deter brute force attacks by increasing the number of possible passwords. When password complexity policy...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
04-30-2008
Filed under: sql server, microsoft, security, feature, password, best practice, trustworthy, computing, logins, policies, settings, check_policy, check_expiration
Do you want to lockdown your SQL Server environment? Hope you dont'! Though it is not a good practice or recommendation to perform, but will atleast prove how far your SQL Server environment has securit compliance as per the industry best practices. Before we go to know how you can lockdown or know...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
02-13-2008
Filed under: sql server, microsoft, security, tools, article, sa, procedure, best practice, downloads, bpa, lock down
SQL Server Performance Tuning, sounds familiar on a DBA perspective and though it sounds like an easy words but when you start analyzing the problem it is far deeper inside. When you refer to the web resources such as forums/newsgroups then a common question will be fulfill of improving performance on...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
02-05-2008
Filed under: sql server, performance, blogs, blocking, security, query, best practice, index plan, sql server central, newsgroups, forums
The newest ranch of Security - trust worthy features in SQL Server 2005 usage of symmetric keys has an important role. Always the document suggests to use Windows Authentication of security purpose and better control of user/security management, but when you talk about third party tools this is often...
Here is a quick snippet on enabling a SQL login to password expiration and password policies as per the Windows server: Open the SQL Server 2005 Management Studio. In the left pane, go to the desired server and navigate to the Security folder and expand it. Expand the Logins folder. Right-click on the...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
01-07-2008
Filed under: sql server, security, windows, BOL, password, best practice, authentication, books online, policy, logins, sql authentication
This may be last post in Performance Tuning & Security blog section here for this year!! Most of this year in the forums & newsgroups I have seen a common question asking about memory configuration within SQL Server 2005. As you may be aware that SQL Server 2005 (onwards) the memory allocation...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
12-28-2007
Filed under: sql server, performance, memory, security, applications, best practice, awe, pae, dynamic, 3gb, benchmarking, performance monitoring, settings
They say better not to use UNDOCUMENTED stored procedures, which is true in the aspect when any Service Pack or version is released that may not be included and your task might have issues in working out. Similar to this I was going through various methods to get information on login mapping name since...
As you are aware DMV - Dynamic management views are very good to provide server-level information and some of them with detailed information on the execution environment of the database engine. Just to introduce about DMVs, there are two types of dynamic management views and functions: Server-scoped...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
12-21-2007
Filed under: sql server, package, performance, security, dmv, users, view, best practice, public, monitoring, server state
How do you define the terms "Performance Monitoring"? What is your baseline & benchmarks? Have you ever used PERFMON (SYSMON) & PROFILER for serious performance issues within your SQL Server environment? The answer may be not 'yes' for all the questions above, in general getting...
Posted to
SQLServer-QA.net - Knowledge Sharing Network (SSQA.net)
(Weblog)
by
Anonymous
on
12-19-2007
Filed under: dashboard, sql server, performance, databases, microsoft, security, blog, environment, best practice, backups, monitoring, baseline, benchmarking, downloads, performance monitoring