Skip to main content

SQL Truncation Attacks

SQL injection attacks are nothing new and hopefully everyone is protecting themselves from it. An interesting by-product of the standard method of protection from the basic sql injection attack (replace single quotes with two single quotes) is increasing the size of the original value. When building a command in a variable, its possible to truncate […]

Shrinking Databases bit-by-bit to avoid long delays

Michael Jones has a neat script for shrinking databases in small chunks to avoid having the server locked up for a long period. declare @sql varchar(8000) declare @name sysname declare @sizeMB int declare @UsedMB int declare @FreeMB int declare @ShrinkMB int — Desired free space in MB after shrink set @FreeMB = 1000 — Increment […]

Troubleshooting Delegation in SQL Server

I just came across a good article by Keith Brown on a common trap when setting up SQL Server with kerberos delegation. As he noted, the port number for the Sql Server Service should be specified when setting the service principal name (SPN). Delegation is a powerful feature of Active Directory but can be difficult […]