SQL Server hardware can be powerful. Lots of CPU cores and memory. Just what a crypto miner may need in their quest to generate cryptocurrency. In the case of the MrbMiner exploit, numerous SQL Servers have been exploited with brute-force attacks. These attacks are scanning for servers exposed directly to the internet and are using…
Read more
Last week, Guardicore released information about a newly discovered attack that uses SQL Servers to compromise servers and networks. Here’s a link; I’d really encourage you to read it. The attack known as Vollgar uses a simple brute force attack to gain access to SQL Servers exposed to the internet. It then uses the elevated…
Read more
Installing SQL Server is surprisingly easy. Download the media, double-click the setup file, answer a few configuration questions, and in less than 15 minutes you have a fully functional database server. And the server performs well. For a while. Then it slows down and maybe even a database corrupts. You recover by restoring the prior…
Read more
As of July 9, 2019, SQL Server 2008 and SQL Server 2008 R2 have officially passed from Extended Support to No Longer Supported. What does that mean? It means that Microsoft will no longer release any updates for any version of SQL Server 2008. That includes security patches and data integrity fixes. If a hacker…
Read more
We’re frequently asked how many tempdb files a SQL Server should have, especially from those who have downloaded our free 5 Common SQL Server Configuration Issues PDF. That’s because there’s a lot of well-intended but incorrect information posted on the internet about tempdb. What Is tempdb? Let’s start with a very brief description of tempdb. When SQL…
Read more
Just when we thought that most cybersecurity attacks came via social engineering, we see this. Attacks on IIS, Microsoft’s web server, increased from 2,000 in Q1 2018 to over 1.7 million in Q2 2018. That’s a mind-boggling 782x increase! This is according to an esentire Security Advisory released last week. Hackers go-to tool of choice? PowerShell was the most commonly…
Read more
“The nice thing about standards is that you have so many to choose from,” quipped renown computer scientist Andrew Tanenbaum. In the SQL Server world, we have industry best practices. These are guidelines that most every knowledgeable database professional will agree is a good idea or a good baseline. Sure there are exceptions, specific tweaks…
Read more
Recent Comments