 | | ^ click above ^ |
07.27.04
Automated SQL injection: What your enterprise needs to know
SQL injection exploits may soon be as common as those targeting Windows and Unix flaws, experts say. An estimated 60% of Web applications that use dynamic content are likely vulnerable, with devastating consequences for an enterprise. A presentation of an automated attack targeting SQL injection flaws is planned for Black Hat Briefings this week in Las Vegas. This two-part interview with SPI Dynamics CTO Caleb Sima will tell you what you should fear, why and what you can do to mitigate your risk.
Security Wire Perspectives: Can you describe, in basic terms, what a SQL injection flaw is and what kind of threat it poses?
Read The Whole Article
Flessner Pledges More Frequent SQL Server Releases
Some users were disappointed earlier this year when Microsoft announced that SQL Server would be delayed for a third time -- until the first half of 2005. But Paul Flessner, senior vice president of Microsoft's server platform division, last week told Computerworld the important second beta is due within weeks and the product remains on track for next year.
|
A year ago, you seemed certain that SQL Server would ship in 2004. What happened? Was the delay related to the integration of the Visual Studio .Net development tools? It's been complicated to keep the two products close together, and we have to keep them in sync. It's mostly, I think, the depth of integration. When you see the beta and you get to be writing these stored procedures in Visual Studio and then you get to see the interaction, I think you'll understand why it's taken longer.
Read The Whole Article
SQL Server tip: Respond to broken installations
On my development machine, both installations of SQL Server (2000 and Yukon) broke suddenly. Fortunately, only the SQL installations were broken--the database files were intact. I have a genuine database server where I do the real work, but I like to have SQL running on my dev box so I can muck about freely without impeding upon my actual work.
I had the physical files of every development database; the key is that these files were intact. I had to install them on my genuine server at least long enough to fix the problem on my development machine.
Read The Whole Article
Microsoft SQL Server 2000 administrative tools (Part 1)
Please find below Microsoft SQL Server 2000 administrative tools description. All of the tools described in this article uses graphic interface, while the others, 42 altogether, uses the pure command line interface. I have already described administrative tools without graphical interface in my past articles: “Microsoft SQL Server 2000 command line utilities (Part 1)” at http://www.sswug.org/see/17555 and “Microsoft SQL Server 2000 command line utilities (Part 2)” at http://www.sswug.org/see/17556.
Enterprise Manager - used to perform SQL Server and enterprise-wide database administration tasks. SQL Server Enterprise Manager is the SQL Server Microsoft Management Console (MMC) snap-in component. Using the MMC snap-in offers you an ability to administer different Microsoft’s servers (for example: SQL, SMS, Transaction Server, Microsoft Message Queue Server, Internet Information Server, SNA Server, etc) one uniform, common way.
Read The Whole Article
Interview: MySQL minnow attracts giants
IT Week: Has MySQL grown in the same way as Linux in the enterprise, through stealth projects and pilots?
Zack Urlocker: We see both this bottom-up adoption from universities and, increasingly, top-down adoption from businesses who are saying, 'We need to save money, let's use open source.'
Read The Whole Article
Growing Third-Party Vendor Support For MySQL
One sure sign that a new technology is catching on is the size of its ecosystem--the applications, management tools, and other third-party products that support that technology. And by any measure, MySQL is developing a healthy ecosystem.
Working with open-source databases can be tricky because third-party tools often lag development of the database itself, says Mike Gaydos, lead architect of MySQL solutions at IT-services firm EDS. Open-source database users can expect to do a fair amount of custom development work, he says.
Read The Whole Article
Read this newsletter at: http://www.sqlpronews.com/2004/0727.html |
|  |
|
