Insufficient data from Andrew Fryer

The place where I page to when my brain is full up of stuff about the Microsoft platform

Browse by Tags

Related Posts
  • Blog Post: Lab Ops – PowerShell 4 and PKI

    In a Remote Desktop Services lab setup involving a gateway to allow connections to our virtual desktops over the internet we are going to need to use an SSL certificate to secure traffic between the remote devices and the gateway. Typically in the past we would have gone into a server running IIS and...
  • Blog Post: Compliance in SQL Server

    I often get asked about whether SQL server is compliant with some standard or other e.g. Sarbannes-Oxley (SOX) , Data Protection etc.  The answer is yes, but there is no flip switch in SQL to turn any of these on , and as anyone knows who's tried it turning on c2 security is a great way of slowing...
  • Blog Post: Desktop Security - one size doesn’t fit all

    If you follow this blog you’ll realise that every couple of weeks I mention TechNet ON . This one stop portal changes its focus every couple of weeks and this time the focus is on desktop security.  I am not going to try and rework any of the resources as they are all pretty obvious and well written...
  • Blog Post: SQL Server Security

    Security should be everyone’s business,  but it’s often seen as someone else’s problem.  When it comes to SQL Server there are at least three parts to the puzzle: The infrastructure guys will provide secure comms and accounts with which to access SQL Server. The developers be they in house...
  • Blog Post: More secure is not totally secure

    My good friend Steve the team spook, has written this post about SQL Servers track record on security compared with what many people perceive is the secure database of choice, Oracle. I can only speculate as to why this is the case as I am not an Oracle guru, but it may well be down to Microsoft’s trustworthy...
  • Blog Post: Rename the SQL Server sa account

    Another good thing that’s done at the SQL Server community evenings is a 5 minute slot where anyone can have a go at showing something interesting. Tony Rogerson got me to open the batting to encourage others to have a go.  I am not sure who it was who came up next but it was a simple thing on renaming...
  • Blog Post: SQL Server Advent Calendar 18 – Audit

    Day 18 of my virtual advent calendar, about stuff I like in SQL Server 2008.. Rounding out ways of keeping an eye on what’s happening to your data in SQL Server 2008 is the new auditing feature in Enterprise edition.  As the name suggest it’s there for a specific purpose, to make your compliance...
  • Blog Post: Another Quiet Day for SQL Server DBA's

    When was the last time you picked up a land line phone and there was no dial tone? BT are no doubt proud of this but it's not going to make them any headlines, it's much more entertaining and newsworthy to complain about our 3rd world broadband speeds. The SQL Server product guys are in the same invidious...
  • Blog Post: IIS 7.5 and Windows Server Core

    There is so much stuff on Windows7 & 2008 R2 features out there, but not so much on IIS 7.5.  The other reason it slipped off my radar was that reporting services in SQL Server 2008 directly uses http.sys for its portal and there is no longer a need to install IIS at all.  Anyway it’s now...
  • Blog Post: Getting Safe OffLine by going green

    Hopefully the Getting Safe OnLine message is getting out there and you are ensuring that all computers are properly protected both at work and at home. But what about security worries when you’re offline, we all get statements from banks and utilities like gas electricity plus council tax and these can...
  • Blog Post: SQL Server 2008 Transparent Data Encryption and Replication

    SQL Server 2008 will have a mechanism to encrypt the database at rest, with little overhead, and you can try this in CTP5.  While it is on the instance where it was encrypted it can be accessed by any application with out modification.  However if it is detached/attached or restored to another...
  • Blog Post: Do You trust your DBA

    I noticed a new tool appeared last week from Sentrigo that scrambles SQL Server passwords so that they cannot be seen in plain text by the DBA.  This is to address a supposed vulnerability in SQL Server 2000/5 where by allowed memory dumps which exposed users passwords (BTW I am not doing a post...
  • Blog Post: FileStream Data and Deletion

    Deletion on computers is often a bit of a sham, as I found out when I got in at the ground floor of forensic computing a long long time ago.  Back then file systems were very lazy so when you deleted something all that happened was the file system marked the blocks occupied by that file as being...
  • Blog Post: SQL Server 2012 and the private cloud

    Putting up a marketing slide that says SQL Server is a good private cloud citizen is good marketing, but what’s in the box to back the claim up? My top three would be: Windows Server core .  Patching is a major maintenance problem with lots of virtual machines, and server core cuts that in half...
  • Blog Post: Windows 7 DirectAccess my new best friend.

    It’s tough trying to work from home with the feeble broadband speeds that exist in many parts of the UK. I get 0.5mbps when I am paying for 8 (which is still poor even allowing for how far I am form the exchange) and so I often have to travel just to download data or do live meetings. However I have...
  • Blog Post: Careless Talk costs…

      Online phishing scams are a bit passe these days, and organised crime is still keen on traditional methods for getting their hands on your identity and credit card details.  This is simple economics (even criminals have to keep down overheads in a tough economy) , based on who is likely to...
  • Blog Post: What is ADFS, and why you should care?

    Active Directory Federated Services (ADFS) doesn’t sound like the most exciting topic for a post, but I am going to post on it anyway precisely because it is boring. First let me log in to windows with a Live ID.. You’ll notice I have used my Microsoft alias to sign in, and I haven’t entered my password...
  • Blog Post: SQL Server Spruce up

    Landrovers, will take a lot of pounding and neglect, but when my wife drove hers to Australia she made very sure it was properly set up for 2 years on the road Similarly SQL Server is also often out in the wild far from DBA’s and inspection from maintenance tools, like System Center .  However now...
  • Blog Post: Update Tuesday – good for your health

    1st of April could well see the resurgence of the infamous Conflicker or downadup worm which some experts reckoned had infected over 3.5 million computers by January.  This is because Conflicker will use a new algorithm to work out which domains to attack.  Many of the problems that have been...
  • Blog Post: Evaluate This–File Classification

    In my last post & screen cast I showed how Dynamic Access Control (DAC) worked; the business of matching a users claims to the properties of a file (Resource Property in DAC), however the problem then becomes how do I correctly tag my files so that DAC works.  You shouldn’t necessarily be doing...
  • Blog Post: SQL Server 2008 Encryption Keys

    Encryption, Keys and certificates etc. are complicated  and confusing judging by the number of support calls coming in from DBA's. As I said in my last post , Transparent Data Encryption is there to stop someone walling off with your data.  A database can be encrypted using a key which is stored...
  • Blog Post: SQL Injection

    Fuel injection is generally considered to be a good thing for cars, while IT professionals consider SQL injection to be a bad thing.  The technique does not exploit weaknesses in the the database , but how it and the relevant web server are configured.  In the Microsoft world a lot of work...
  • Blog Post: Microsoft Security Intelligence Report vol 6

    Every 6 months Microsoft publishes a freely available Security Intelligence Report (SIR) , looking at what’s happening to threaten the security of our personal and corporate computing. Mostly it‘s written in English and if you can’t find the time to read it all I would at least recommend the summary...
  • Blog Post: Internet Explorer 8 on Vista and Windows 7

    Viral has just pinged me a write up of a hacking contest from the Washington Post (he is American after all) . The "Pwn2Own" contest at the CanSecWest security conference in Vancouver won by a 25 year German student called “Nils”.  He won $15,000 for exposing a vulnerability in IE8 beta...
  • Blog Post: Think U Know

    Reading today’s Sun , you might well be worried if your kids are on FaceBook, but taking their laptop away is probably not going to be the correct response, as they’ll simply find another way to get online which is less under your control than what they are doing now e.g. using their phone, a mates laptop...