Skip to content

SQL Vulnerability Assessment Tool Reference List – Updated!

Way back at January 16, 2020, I published a blog post containing a reference list for the many rules checked by the SQL Vulnerability Assessment Tool. The next month, I created a separate, dedicated page for the reference list so that it’d be easier to find and maintain. Today I learned that a few months later, around the beginning of May, Microsoft themselves have also published such a reference list on the Microsoft Docs page.

Read More »SQL Vulnerability Assessment Tool Reference List – Updated!

Access Violation error when querying from a system table function with parallelism

Following an incident at a customer’s production environment, Nathan Lifshes and I realized that we stumbled upon a yet-unknown bug in SQL Server, causing an access violation error, memory dumps, dropped connections, and even cluster fail-overs.

Read More »Access Violation error when querying from a system table function with parallelism

T-SQL Tuesday #131 – Star Trek Candy and SWITCH TO

This month’s #tsql2sday came to us from Rob Volk (b|t), who asks us to explain databases using an analogy, as if explaining to a 5 year old. I’m actually a big fan of The Feynman Technique (aka ELI5), so I really wanted to participate. But to be honest, I nearly missed out this time simply because I couldn’t think of an idea this whole week.

On the very last day, when the posts already started rolling out by all the bloggers, I’ve read a few, and only then the muse finally hit me. I kid you not, the time is literally 23:59 here in Israel as I hit the publish button!

So anyways, the idea I had was for the ALTER TABLE..SWITCH TO command in SQL Server.

Read More »T-SQL Tuesday #131 – Star Trek Candy and SWITCH TO

Feature Request – Expand MSX/TSX Capabilities for HADR

Following my presentation of “How to HADR Your SQL Server Jobs” at the HA/DR PASS Virtual Group yesterday, David Klee (@kleegeek) and I continued chatting for a bit longer after the recording was concluded. During which, the MSX/TSX feature of SQL Server came up, and David suggested that I’d utilize my newly earned MVP status to push a feature request to expand these capabilities.

Read More »Feature Request – Expand MSX/TSX Capabilities for HADR

Overriding the Authentication in SSRS for External Access

In this post, I hope to summarize the various methods that we have, in order to get rid of that annoying authentication prompt. Each method has its own advantages and disadvantages in terms of complexity of implementation, versatility, and the level of security that it provides. More specifically: the more secure and versatile a method is – the more complicated it is to implement.

Read More »Overriding the Authentication in SSRS for External Access

How to Protect SQL Server from Hackers and Penetration Tests

On June 3rd, the InfosecMatter blog published a post titled “Top #10 Vulnerabilities: Internal Infrastructure Pentest“. This blog post detailed the top most common vulnerabilities in Windows servers and networks found during more than 60 internal infrastructure penetration tests around the world. After reading this article, I was prompted to actively look for similar resources on SQL Server penetration testing, and I got some interesting findings. Check out my blog post at the Madeira Data Solutions website for the details.

Read More »How to Protect SQL Server from Hackers and Penetration Tests