UK SQL Server User Group

Organiser

Tony Rogerson, SQL Server MVP

my blog | hire me

SQLBlogCasts

Public Content

Microsoft 2005 KB's

Unable to Change the Default Physical Location of Content Databases on SQL server.
You may receive incorrect values when using SCOPE_IDENTITY() and @@IDENTITY.
Correcting the lack of cryptographic salt variation on SQL Server sa login hash.
You get "DTS_E_CANNOTACQUIRECONNECTIONFROMCONNECTIONMANAGER" error message when using Oracle connection manager in SSIS.
You may get "Unable to prepare the SSIS bulk insert for data insertion" error on UAC enabled systems.
FIX: You experience some problems when you perform a grouping members operation on an Excel pivot table whose data source is an SSAS 2005 cube.
FIX: Data is corrupted when you update data that is in an LOB column in a SQL Server 2005 transactional replication.
FIX: The principal database is not recovered if the database has a large number of virtual log files in SQL Server 2005.
FIX: Error message in SQL Server 2005 when you run an update statement on a database whose compatibility level is 6"Msg 4104, Level 16, State 1, Line 1 The multi-part identifier <Alias Name>.<Column Name> could not be bound".
Cumulative update package 8 for SQL Server 2005 Service Pack 3.
How to Uninstall SQL Compact 3.5 after installing SQL Server 2008.
Backing up a SQL Server database using a VSS backup application may fail for some databases.
A non-yielding issue may cause a database mirroring failover in SQL Server 2005 and in SQL Server 2008.
FIX: Data loss may occur if the database mirroring thread stops responding for a long time during an automatic failover process in SQL Server 2005 or in SQL Server 2008.
Cumulative update package 9 for SQL Server 2008.

Microsoft 2008 KB's

Evening Meeting on Wed Oct 28, 2009 in Dundee

Back to Events List

SQL Injection Attacks and Tips on How to Prevent Them

LiveMeeting Attendee URL	Click here to join Meeting
Time	Starts (UK time) at 18:00 , Finishes 21:00
Cost	Free
Organiser	Scottish Developers
Address	Queen Mother Building, Dundee University, Nethergate, Dundee, DD1 4HN
	Directions to Event
Tags	SQL Injection Attack, Security, Best Practices

Wednesday, 28th October 2009 at 19:00 – 21:00
Queen Margaret Building, Dundee University

The Talk

In light of some recent events, such as the man who was convicted of stealing 130 million credit card details through a SQL Injection attack, it is imperative that developers understand what a SQL Injection Attack is, how they are carried out, and most importantly, how to defend your code against attack.

In this talk Colin Mackay will demonstrate a SQL Injection Attack on an application in a controlled environment*. He’ll show you where the vulnerable code lies and what you can do to harden it.

Although this talk uses C# as the application language and Microsoft SQL Server 2008 as the database engine many of the concepts and prevention mechanisms will apply to any application that accesses a database through SQL.

* Demonstrating an attack on a real system without the owner’s consent is a breach of the 1990 Misuse of Computers Act, hence the controlled environment.

The Speaker

Colin Angus Mackay is a Software Developer living in Glasgow. He has been programming since the age of 9 starting with a Sinclair ZX Spectrum. He became a professional software developer in 1994, using a Smalltalk based language called Magik. In 1996 he started using C++ commercially and in 2002 migrated to the emerging language of C#.

Colin has received a number of awards including Code Project MVP (for 5 years) and Microsoft MVP (for 3 years). He is a member of the British Computer Society and a Member of the Institution of Analysts and Programmers. He is currently the chairman of Scottish Developers and has organised the last two Developer Day Scotland conferences (with a third in the works).

You can find out more on his blog.

The Venue

We are meeting in the Queen Mother Building at Dundee University. After the meeting we normally retire to the the bar at Laing’s

The Agenda

18:45 Doors Open
19:00 Welcome
19:10 The Talk (Part 1)
19:55 Break
20:05 The Talk (Part 2)
20:45 Feedback & Prizes
21:00 Repair to the Pub

Registration

Space is limited, to sign up go to http://www.eventbrite.com/event/443957890/sql

Coming Events

Wed, 17 Mar in 6 days LONDON Evening Meeting (125 registered) SQL 2008 Data Warehousing Features (Vincent Rainardi); Index Views and Computed Columns (Neil Hambly); Business Intelligence in Office 2010 - Excel,PowerPivot,SharePoint (Duncan Sutcliffe); finishing with a Q & A on BI with the panel	Sat, 27 Mar in 16 days MANCHESTER Evening Meeting (3 registered) Introduction to Business Intellence in the SQL Server Stack - *Date to be confirmed* - register your interest
Sat, 27 Mar in 16 days MANCHESTER Evening Meeting (5 registered) Introduction to Database Maintenance and Development 101 - *Date to be confirmed* - register your interest	Wed, 21 Apr in 41 days READING Evening Meeting (18 registered) Developer and DBA Focus
Fri, 7 May in 57 days ONLINE Webcast (2 registered) Database Design Part 1 - Why is Normalisation important? What is Normalisation, a look at First Normal Form (1NF) and Boyce Codd (BCNF) Normal Form	Wed, 19 May in 69 days LONDON Evening Meeting (17 registered) Developer and DBA focus
Wed, 23 Jun in 104 days READING Evening Meeting (4 registered) Business Intelligence focus	Wed, 14 Jul in 125 days LONDON Evening Meeting (7 registered) Generic session on SQL Server

Past Events

25 Feb 2010 EDINBURGH Evening Meeting (19 registered) Prize Draw , An evening of performance troubleshooting with Iain Kick , Learning SQL Server with Alistair Board	25 Feb 2010 CARDIFF Evening Meeting (16 registered) Change to Agenda BI Fundamentals: Building an Enterprise ETL Framework in SSIS, Data Warehouse Design
20 Jan 2010 DUNDEE Evening Meeting (7 registered) Allan Mitchell - Intro to SQL Server Integration Services 2008; Tony Rogerson - Intro to SQL Server tools both flavours - DBA and Developer. Usual Nuggets, Usual SQL LiveLock; Q & A; Advice etc..	17 Dec 2009 MANCHESTER Evening Meeting (9 registered) Manchester SQL Server User group - Round the table talks, SQL Nuggets, Informal talk and out for a drink and a chance to win a Copy of Windows 7 and SQL Server 2008
10 Dec 2009 LEEDS Evening Meeting (9 registered) An evening of Service Broker and Powershell	26 Nov 2009 EDINBURGH Evening Meeting (8 registered) Cancelled SQL Server Nuggets and a look into the Newsgroups
26 Nov 2009 LONDON Evening Meeting (57 registered) SQL Server internals and best practice for Absolute Beginners (Tony Rogerson); Nuggest from Dave Ballantyne on Ranking, UDF's; MS Business Intelligence Project Boosters (Siddharth Mehta) - an Introduction to the Power of Policies (Martin Cairney), BakBone product demonstration and the first LiveLock Discussion	18 Nov 2009 LONDON Evening Meeting SQL Azure and what is new in SQL Server 2008 R2
11 Nov 2009 READING Evening Meeting (36 registered) High Availability (Partitioning, File Groups (use of, backup/restore)) and an Introduction to SQL Server architecture - Tony Rogerson; Virtualising SQL Server (why, design, how, issues, solutions, troubleshooting) - Justin Langford	29 Oct 2009 LONDON Evening Meeting (42 registered) Deploying SSRS reports using msbuild (Jamie Thomson); BI 2.0 (Andrew Sadler); Data Warehouse Development Workbench for SQL Server (Steve Hitchman)
28 Oct 2009 DUNDEE Evening Meeting SQL Injection Attacks and Tips on How to Prevent Them	15 Oct 2009 MANCHESTER Evening Meeting (17 registered) Reporting Services evening. Hosted by Chris Testa-O'Neill
14 Oct 2009 READING Evening Meeting (33 registered) Focus: Developer/DBA; Tony Rogerson on TSQL Hints and Tips (CTE Recursion,Case,Partitioning,Sub-Queries,Normalisation/DeNormalisation) and Colin Leversuch-Roberts "How are my servers Today?" - real time monitoring dashboards	8 Oct 2009 CARDIFF Evening Meeting (18 registered) South Wales User Group first meeting - Ensuring Business Continuity (Backups, Mirroring and Monitoring) - Tony Rogerson; SQL 2008 Integration Services - some of the things that make it better - Allan Mitchell.
8 Oct 2009 EDINBURGH Evening Meeting (11 registered) SQL Server Performance Analysis Tools and Powershell

Member Chat

To post messages you must be signed on - please register or logon.

Jennifer Stirrup Wed 6:49PM

Is anyone hiring at the moment? Looking for a London-based BI focused role

tonyrogerson Wed 12:46PM

@philcr I'd really like to see Surface with a 2008 R2 demo on it taking full advantage of the kit - that would be cool! #sqlfaq

tonyrogerson Sun 10:14AM

Time for a brew - am reading on the SQL Server Modelling stuff and "M" - don't see where it fits to be honest #sqlfaq

tonyrogerson Fri 8:13PM

@Plip Should have used DAS and disk replication - commodity simple kit always the best approach (usually) #sqlfaq

tonyrogerson Fri 4:52PM

Ashwani Roy and Chris Testa-O'Neill are doing a 30 minute Q&A panel at the 17th March UG even - cool #sqlfaq

tonyrogerson Fri 3:13PM

Posted a blog http://bit.ly/afepEy that describes what Granularity is #sqlfaq

tonyrogerson Fri 12:24PM

7th May 1pm - 1.45pm http://bit.ly/c4UmAP I'm going to do a webcast on Normalisation - vender neutral #sqlfaq

tonyrogerson Fri 12:02PM

Just helped a friend take her first steps in SQL Server #sqlfaq over LiveMeeting; dam "namespace error" on SSRS on the install though :(

tonyrogerson Fri 10:32AM

Thinking about my Denormalisation/RElational Theory talk for SQLBits #sqlfaq; so much to cover - so little time.

mladenprajdic Fri 10:22AM

@tonyrogerson i don't know how useful the #sqlfaq is but there is #sqlhelp that is used and has quite some traffic.

tonyrogerson Fri 10:17AM

Whats the point using DISTINCT (tuples will b unique-I get that), but still keyless - what have you achieved in "relational" terms? #sqlfaq

tonyrogerson Fri 10:09AM

In CJ Date's book SQL and Relational Theory he talks about having DISTINCT on every query - that would be interesting #sqlfaq #infooverload

tonyrogerson Fri 7:39AM

17th March Business Intelligence event is now full - we've over 100 registered now, there is a reserve list in operation #sqlfaq

deepfat Thu 1:26PM

#SQLFAQ London SQL Server BI evening 17th March in Victoria be there and be a cube http://bit.ly/cx1vu4

tonyrogerson Thu 1:09PM

Just emailed the UG, had 4 offers to present and more registrations - the 17th will be a good evening! #sqlfaq BI is popular these days