Tag: SQL Security

Stop doubting your sql server environment

Five Goals for Your SQL Servers in the New Year

We’ve made it! The start of a new year. Now is a great time to reflect on what you’d like to accomplish over the next 12 months at work, and more specifically, what you would like to do with your SQL Server environment this year. To help with that, here are five activities or goals…
Read more

Who Owners Your SQL Server Database and how to change it

Who’s the SQL Server Database Owner and How Can You Change It?

In SQL Server, when someone creates a database, they own it. That means they have elevated permissions on the database. The SQL Server database owner can change configuration parameters, perform maintenance, and grant permissions on the database to other users. The database owner can even drop the database altogether. In highly secure environments (and what…
Read more

Restrict access to secure your SQL Servers

Securing Your SQL Servers, What Should You Audit?

Securing and protecting your SQL Servers from the ever present threats of data breaches, ransomware, and even accidental data losses due to errant code or faulty systems is crucial. It’s one of the core responsibilities of a DBA. It would be great if there was a one-size fits all approach to data protection – one…
Read more

CHECKDB is a critical for Database Integrity

When Was the Last Known Good DBCC CHECKDB Integrity Check?

Fortunately, DBCC CHECKDB will log each time it completes without finding any errors or corruption in the database. That’s known as the Last Known Good date. Let’s look at three ways you determine the Last Known Good date. We’ll use a T-SQL query, a PowerShell command with dbatools, and the SQL Server Logs via Management Studio.

Let's count the number of SQL Server tempdb files I have

3 Ways to Find Your SQL Server tempdb Data Files

Checking the number of tempdb data files is straightforward. Here are three easy ways: one graphical, one T-SQL, and one PowerShell, so you can use your tools of choice.

Avoid working without a net; implement a SQL Server HADR option

High Availability and Disaster Recovery in SQL Server

We’re often asked about SQL Server High Availability and Disaster Recovery (HADR) options to help customers protect their data and improve their uptime. No surprise there. When a SQL Server provides a critical component of your daily operations you need those databases to be available. Simply put, when a user needs information from the database…
Read more

Vintage databases are not as good as vintage cars

Should I Upgrade SQL Servers that Are Out of Support?

Do All SQL Servers Need to Be Upgraded? Running production systems on a platform that is no longer supported by the vendor is worrisome. If something goes wrong, you’ll no longer be able to call the vendor and receive technical support. But worse, you’ll no longer release updates, fixes, security patches, etc, for the out…
Read more

Hands of a Hacker

Protect Your SQL Server from MrbMiner and Other Malware Attacks

Unfortunately malware attacks attempting to exploit vulnerable SQL Servers are often successful. Last spring, Guardicore announced that the Vollgar attack that was making its way around the internet. Just last month, it was MrbMiner in the news. And there have been countless other attacks targeting SQL Server over the year. So, how can your protect…
Read more

Am I affected by MrbMiner malware?

SQL Server hardware can be powerful. Lots of CPU cores and memory. Just what a crypto miner may need in their quest to generate cryptocurrency. In the case of the MrbMiner exploit, numerous SQL Servers have been exploited with brute-force attacks. These attacks are scanning for servers exposed directly to the internet and are using…
Read more

Vollgar: 6 Scripts to Help Review Your SQL Servers

Last week, Guardicore released information about a newly discovered attack that uses SQL Servers to compromise servers and networks. Here’s a link; I’d really encourage you to read it. The attack known as Vollgar uses a simple brute force attack to gain access to SQL Servers exposed to the internet. It then uses the elevated…
Read more