Back in 2000 I began writing for swynk.com in hopes of learning more about SQL Server and beginning to make a name for myself in the SQL Server community. That was a little over seven years ago. As SQLServerCentral.com came online, I transitioned to it, writing articles and contributing heavily in the forums. Opportunities abounded from this effort, with the chance to write an eBook, the chance to become a regular columnist for SQL Server Standard Magazine, and later a chance to become a co-author of an in-print book, …
Saw this on the Association for Computing Machinery SIGMOD
announcements.
Tribute to Honor Jim Gray
It is scheduled for May 31, 2008 at UC-Berkeley.
As a follow-up to my post about Cesar Cerrudo's new whitepaper, earlier this month David Litchfield talked about putting honeypots in the database in his blog post, Database tripwires..., to catch someone snooping around. The basic idea for non-Oracle databases is to create some sort of alerting function (such as one that fires an email) that gets called by a view with an interesting-sounding name or interesting-sounding column names. Triggers could work for INSERT, UPDATE, and DELETE, if the attacker is attempting to alter data. However, if the attacker is simply collecting information, then triggers aren't effective because triggers can't be defined on SELECT operations. This is why he …
Cesar Cerrudo of Argeniss Information Security has put out a new whitepaper (.pdf format), Data0: Next generation malware for stealing databases, describing how malware could be crafted to steal information out of databases. For the most part, it stays at a high level; however, Cesar does give a few example queries (for SQL Server), the appropriate API calls to perform certain operations, etc., which delve a bit more into the technical side, but even these are fairly straightforward. To demonstrate what he talks about in the whitepaper, he built a simple proof of concept (PoC), but based on what's in the whitepaper (and what is generally accepted as what's possible), nothing seemed outlandish or hard to do. Just for those worried about that PoC being …
I try my best to get things right the first time. So often,
correcting a mistake or bad choice is costly: more costly than it
would have been to take the time to do it right the first time.
However, as SQL Server MVP Andy Leonard points out, sometimes you can't correct an issue.
He starts with the example of a camera and taking a picture out
of focus and then brings it around to development. His example is
great: you can't provide up to the second updates to a system
that only collects data every five seconds. Well, you can, but
the data is only going to change every five seconds. This raises
the question often asked by learning styles expert, …
This is a follow-up to part I from last week. You've considered what
you want to do, you've looked at your soft skills, and you still
want to be a DBA. How then do you get started?
The first thing to do is decide which platform you're going to
focus on. Each "flavor" has its own proprietary tools and
commands. While all share a basic SQL language foundation,
DBCC CHECKDB() doesn't run on MySQL and
DESCRIBE doesn't get you anything in SQL Server.
Likewise, SQL Server Management Objects (SMO) don't help you
with Oracle and if you're looking for " …
I've used Safari (the O'Reilly version) for a number of years now
and it is a resource I often recommend to coworkers. Basically,
it's an on-line library of technical books (since expanded to
include video) from a group of publishers. O'Reilly, Microsoft
Press, Cisco Press, Syngress, and many others have books and
resources on-line at Safari. It came into
being in 2001 but I remember a predecessor version back in
the late 90s from Que Publishing/Macmillan Computer Publishing
called Personal Bookshelf, which I also used. Back in those days
I was in the Air Force and that provided some of the technical
books I couldn't afford on an Air Force salary.
Subscribing to Safari gives one the ability to put a certain
number of books onto a "bookshelf" and the books …
Some time ago I was looking for a password vault and came across
some recommendations for KeePass. KeePass is open source and free. It's a
nice password manager and some of the features I
like are:
- Strong encryption of the password database
- The ability to use a password, key file, or the combination of the two to secure access to said password database
- A password generator with a multitude of options
- The ability to copy the password to the clipboard (without ever showing it) and have it clear the password after a set amount of time
- Organize password entries by groups and subgroups (think folders)
A new version, 1.09, released in October. There is also a …
A recent thread on SQLServerCentral.com had an
individual ask what it took to be a successful DBA. Couple that with
a RunAs
Radio podcast with SQL Server MVP Brad McGehee on Being a Better DBA
and that raises the question, "What does it take to become a
DBA?"
I came at being a DBA from a roundabout route. I was first a
developer, became a system administrator, went back to being a
developer, and then finally became a DBA. While I primarily work
directory services and architecture now, I've worked to keep my
DBA skill set, because being a DBA is something that I loved
doing and still love when I get a chance to dive back in full
throttle. Therefore, I thought I would offer some thoughts on
what I think it …
For a variety of reasons, including personal/family concerns and
workload, I've not been able to write as often as I'd like. That
doesn't just include the blog, but also writing articles. It's
been a long while since I've written an article for SSC. I want to get back to writing
at least monthly, if not more often. One of the keys to writing
well is to write every day. Therefore, I'm going to provide some
structure to the blog in order to make it easier to post every
weekday with something that will hopefully be useful. Here are the
types of posts that should be present based on the day of the
week:
- Monday - Career Development
- Tuesday - Tips, Tricks, and SQL Scripts
- Wednesday - Tools, Tools, and More Tools
- Thursday - Tips, Tricks, and SQL Scripts …