Well it has been a while since I posted anything here, it seems that finding stuff to write about or stuff that I learn while playing with/studying SQL Server is too much to write about. But I will try to summarize it here… 1 day …
For now the biggest topic I been dealing with as of late, I think I laid it to rest but we’ll see. Is SQL Injection Attacks; and how is possible to do these injection attacks via web pages?
While dealing with this issue, it amazes me how many people didn’t understand what SQL Injection attack is; everyone I talked to the first statement they told me are the servers patched up. Did you get the latest security fix?
And no matter how I put it, I didn’t seem to get it through to people that was the case. So I been trying to write up SQL Injection history; I am sure someone else already has done this. But I am hoping this can give some people some insight maybe they didn’t have. Or more to educate people who believe SQL Injection is another “techie” IT guys use to avoid doing work.
Well I guess part of the problem in my case was it was done on Microsoft SQL Server; so naturally they all rather attack Microsoft weaknesses then go through their code. I heard this statement recently “Anyone can take care of SQL Server”; and I wonder if that is the case … maybe all my studying for SQL Server isn’t needed. And then again next issue that walks through the door I’ll be diving in my books again. So I think I’ll keep at it, and hope everyone around me changes their view point of SQL as environment I support changes and improves.