gMSA and SSL in SQL, a true journey

Info Lately when I set up a Microsoft SQL server I’ll always implement SSL and a gMSA account to run SQL from. Why? Convince yourself reading this blog post. Because this post focuses on a specific issue, I’ll not explain implementing SSL as such. Here’s the Microsoft documentation I follow for my implementations: https://support.microsoft.com/en-us/help/316898/how-to-enable-ssl-encryption-for-an-instance-of-sql-server-by-using-mi This …

Continue reading "gMSA and SSL in SQL, a true journey" »

How to prevent man in the middle SQL injection attacks

As a SQL engineer with an interest in security I’m convinced that security is a concept that should be implemented throughout an organization. Just placing a (properly configured) firewall and forcing password policies doesn’t suffice. In light of that last statement I wondered whether or not it was possible to gain access to a MS …

Continue reading "How to prevent man in the middle SQL injection attacks" »

SQL Server 2017 and Linux : Part 1

Today I will be writing about the new SQL 2017. It has been launched yesterday (Get your copy here) and one of the new and exciting features is you can now run it on a supported linux distribution (redhat, ubuntu, Suse, …) As I have been working exclusively with Windows OS’es for the past 6 years, …

Continue reading "SQL Server 2017 and Linux : Part 1" »