Chip's Blog

SQL Server coming to Linux

posted Mar 9, 2016, 9:39 AM by Chip Andrews

I wasn't sure if this was an early April's Fools joke but it appears to be legit.  Obviously with a new release we should be on the lookout for security vulnerabilities but if you'd got the time then get the preview and start looking!

Version 1.3 of sqlver released

posted Oct 15, 2013, 5:47 AM by Chip Andrews   [ updated Oct 15, 2013, 5:48 AM ]

Thanks to Frank Brown for releasing his additions to the sqlver tool.   Frank has added SQL 2012 detection as well as a new registry GetEdition()  lookup (single instances only for now).  Check it out in the Downloads area.

Mobile SQL Server Management

posted Jul 20, 2013, 6:03 PM by Chip Andrews   [ updated Jul 20, 2013, 6:03 PM ]

I've been using the Solarwinds Mobile Admin Client (and server) now for several months and I have to say it is very powerful for managing SQL Server (among other things) while on the run.  It works by installing a server component on your network and then enabling SSL so you can connect from your mobile app.  While the connection to the Mobile Admin server can be encrypted - there is no requirement for doing so be sure to set your config properly.

Another patch tool

posted Mar 24, 2013, 8:05 AM by Chip Andrews

While not open source, if you need a simple tool to patch third-party applications on a Windows machine you may want to check out  They've done a good job of automatic a process that should have been automated a long time ago.  What is needed now is to have a similar application delivered as a system service that runs on all computers in a domain.  Microsoft Systems Center Configuration Manager is close but who has time to constantly create new deployment packages?  The folks at patchmypc have the right idea.  They maintain the package database - you just choose which applications you want to patch.

Reviewing a New Book on SQL Security

posted Oct 24, 2012, 5:55 PM by Chip Andrews   [ updated Nov 17, 2012, 5:30 AM ]

I am in the process of reviewing a copy of "Microsoft SQL Server 2012 Security Cookbook" from PackT publishing.  I will be sure to post my review when completed but in the meantime if anyone is interested in an eBook version the publisher is offering 5 to anyone who posts a response to this blog entry with a reason "why you would like to get the book".  Hey - free stuff - why not?  Only the "Top 5" comments will win and those will be the only ones given to the publisher for prize distribution.  I will leave this open for comments until 11/15/12. UPDATE: I've closed the contest and sent the top 5 reasons to the publishers.  The winners should receive their free copies at any time.

SQL Server in Memory Only?

posted Jun 28, 2012, 6:35 AM by Chip Andrews

Microsoft is making moves towards an in-memory database.  While the security implications of this may be unknown - it's not too early to starting thinking about it.

SQL Server 2012 Released

posted Apr 15, 2012, 5:38 AM by Chip Andrews

I've already created a SQL Server 2012 section to the version database for the release candidates but this is still an important milestone since now SQL Server 2012 will begin to show in production environments.  We'll keep our ears to the ground for any new vulnerabilities!

Direct Link to SQL Server Release Blog

posted Feb 13, 2012, 8:04 PM by Chip Andrews

While Ken and I do our best to keep up with the SQL Server builds, occasionally we fall behind.  If you want a listing of the major releases (I don't see hotfixes here but certainly service packs and cumulative updates) see this site to double-check our index:

Printer Woes

posted Feb 4, 2012, 8:04 AM by Chip Andrews   [ updated Feb 13, 2012, 7:11 PM ]

You ever have one of those days when you want to take your printer outside and beat it to bits with a bat (a la Micheal Bolton, Samir, and Peter from the movie Office Space)?  Well - for me - that day is TODAY!   BTW - if you are a company that outsources your Helpdesk to overseas call centers - you deserve to go out of business.  There's nothing worse than sitting in a queue for an hour only to be greeted by someone who sounds like they are calling you on a tin can phone.  All emails should be answered withing 1 hour and all phone calls should be answered within 5 minutes.  Anything else is unacceptable.  

Veracode reports 32% of sites subject to SQL Injection

posted Dec 9, 2011, 11:44 AM by Chip Andrews   [ updated Dec 9, 2011, 12:24 PM ]

Checking my calender - yep - almost 2012 and we still have 32% of sites with SQL injection vulnerabilities? Wow. Anyway - good reading and should give any security consultants out there hope for future business opportunities.

1-10 of 14