SQL SERVER COMPENDIUM – FORENSICS ANALYSIS


Dear Readers,

We are proud to present our very first issue dedicated to the matter of SQL Server Forensics. However, as we managed to get in touch with quite a few brilliant experts ready to share their knowledge on the subject, we decided to include several bonuses – some pretty interesting tutorials that do not focus only on forensics and security topics. Why did we make such a decision? At the eForensics team we always want to provide you with the best quality articles that will help you “master” your skills. Now, we are sure that the issue is fully packed with the tutorials to totally master the SQL Server field.

In the issue we are going to touch on some general topics as well as some detailed ones. You will be able to find out how to secure Microsoft SQL Server, how to encrypt connections to the SQL Server Database or how to design the database with obscurity in SQL Server. We present you with ten critical steps of SQL Server Database hardening, tutorials about SQL injections, as well as the mentioned bonuses about SQL Server Database transfer or tuning SQL Server for SharePoint.

We truly enjoy sharing our experts' and our team's hard work with you, as we all believe that you deserve the best. You all have chosen a career in a difficult and challenging field, and we do hope to make your life easier by putting all those tutorials in one place.

Enjoy, learn and master the skills!

eForensics Team

HOW TO SECURE MICROSOFT SQL SERVER LOGINS USING INDUSTRY BEST PRACTICES

By Denny Cherry

Microsoft SQL Server is a large and fairly complex platform, like all mature database platforms. While it is a simple platform to install, it unfortunately has a history of not being the most secure platform by default. Thankfully, over the years Microsoft has made great strides to secure the database platform by default, but there is still plenty of opportunity to install the platform in a less than secure environment.

HOW TO ENCRYPT CONNECTIONS TO SQL SERVER DATABASE ENGINE

By Denny Cherry

Getting started with SSL in SQL Server can be a little bit of a daunting task as you’ll need to know how to get an SSL Certificate from your certificate authority as well as have an understanding of how SSL in general works. As we begin this article we will start by showing how to generate a CSR which will be needed to get the actual certificate.

DON’T DROP THAT TABLE; A CASE STUDY IN MYSQL FORENSICS

By Jeff Hamm

This article will demonstrate how I rebuilt and queried a database to extract evidence during an actual examination I conducted. Specifically, I examined a MySQL database, rebuilt database tables, and used simple BASH scripts to generate queries on the tables to acquire the information to support an investigation. The ability to create, read, and query database tables will provide an examiner additional skills.

5 THINGS YOU NEED TO KNOW ABOUT INDEXING WHEN INVESTIGATING PERFORMANCE PROBLEMS IN SQL SERVER

By Rob Stewart

The concept of an index is well-known for improving access to data. From the Dewey Decimal system to the index in most books, indexes help us find what we are looking for faster and with less effort. Modern enterprise database systems are no exception and indexes allow data retrieval from tables that contain an ever increasing volume of information often increasing performance by orders of magnitude.

TUNING SQL SERVER FOR SHAREPOINT

By Utsab Chattopadhyay

As DBAs, we are very much responsible for ensuring that the SharePoint environment of our corporations is always performing at its best. In this article, I will share some recommendations from my experience which will ensure that the SQL Server part of SharePoint solutions is properly tuned for best performance.

HOW TO DESIGN DATABASE WITH OBSCURITY IN SQL SERVER

By Grant Koeneke

There are many different ways to design and create databases. Now there are even several different platforms beyond just the Relational Database Management Systems (RDBMS). Add on top of this the thought that there are many different reasons for using or not using one or many of these platforms to create a system, and it can be quite confusing. A few of the tools we will be talking about in this discussion are SQL Server as an RDBMS, MongoDB as a NoSQL database platform and Redis as an in-memory database system.

HOW TO GET THE TOP OF CONSUMING QUERIES OUT OF AN EXTENDED EVENTS

By Guillaume Kieffer

In this article I will focus on showing how to get the top consuming queries using an XEvent trace. Its old-style equivalent would be to collect a profiler trace using SQLDiag, for example, and then Readtrace. All the scripts that will follow work with SQL Server 2012.

SQL SERVER DATABASE HARDENING: 10 CRITICAL STEPS

By Teresa Neely

Hardening a Microsoft SQL Server implementation is critical to avoiding a security breach. Hackers exploit vulnerabilities in SQL Server implementations to gain access to sensitive data stored in databases. These databases store credit card numbers, social security numbers, bank account information, etc. that are very attractive to hackers. By breaching the SQL Server, the hackers are able to gain unauthorized access to confidential information about customers, employees, and/or clients.

HOW TO KEEP SENSITIVE ECOMMERCE DATA IN MS SQL SERVER FROM BEING READ BY SIMPLE QUERIES

By Stephen Thomas

In this new digital era with cyber attack after cyber attack, we must take countermeasures to protect sensitive data in our eCommerce web sites. For those of us who use Microsoft's powerful SQL Server database to store our sensitive eCommerce data, including but not limited to credit card information, copyrighted media, official documents, etc., we have many suitable options available to us to secure sensitive data by encryption. This article will reveal to you several encryption options available to you in SQL Server, explain the difference between them, and give some practical code examples for using them.

BLIND INJECTION – DBV5. STEP BY STEP

By Vidit Baxi

It’s a unique type of injection used by hackers when a website does not respond to the queries and does not generate any error. This type of injection can be applied to the database version 5 or above 5.

INJECTIONS (SQLI AND XSS): STILL REMAIN A SERIOUS THREAT IN THE WEB SPACE

By Uday Bhaskar

SQL Injections are one of the prominent vulnerabilities found in most web applications, ranging from small-scale industry websites to huge government websites. This vulnerability also has a great reputation of being reported among web applications ranging from e-commerce, health, insurance, HRMS, banking and finance applications these days, and has caused a great amount of damage in terms of reputation, brand and money to some of the well-known and reputed companies in the world, which include Sony, LinkedIn, eHarmony, Yahoo, Epsilon and Citibank.

IMPROVING DATABASE APPLICATIONS AND DATABASE INDEX PERFORMANCE

By Robert Vanaman

Users of database applications tend to be insensitive to their internal structure. To paraphrase Hamlet’s opening soliloquy “To normalize or not to normalize, that is the question”, may very well be the interrogatory occupying the DBA’s mind, but is far from a primary concern for the end user. Their concern is built around two primary issues: user-friendliness and performance.

SQL SERVER DATABASE TRANSFER (SPECIAL BONUS ARTICLE)

By Chris Kitchen

The purpose of this article is to review a number of data transfer technologies at a high level, in relation to SQL Server 2008 R2 and SQL Server 2012, with the aim of increasing the efficiency of data access for databases hosted in the UK from non-UK based applications by transferring the data from UK data centres to local overseas data centres which the overseas applications/users would then access directly.

Whatever you want to learn on SQL Server Forensics – most likely we have it for you!

Find out how much you already know and how much you can learn!



July 30, 2021

2 Comments
satyajitsamal
9 years ago

how to download these issues

hiep.dcng
Admin
9 years ago
Reply to  satyajitsamal

You will require a subscription to download issues, free users can only download from free section https://eforensicsmag.com/downloads/free/

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023