SQL injection is a very serious threat in the software and web industry as of current stats. It is also increasingly hitting databases like anything. The process allows miscreants to hack into your system through your web interface. However, the same tools could be used by security pros to find out SQL injection vulnerabilities in the system.
Category Archives: MS SQL Server
torage space is required than INT
Database mail is newly introduced concept in SQL Server 2005 and it is replacement of SQLMail of SQL Server earlier version. Database Mail has many enhancement over SQLMail. Database Mail is based on SMTP (Simple Mail Transfer Protocol) and also very fast and reliable where as SQLMail is based on MAPI (Messaging Application Programming Interface). Database mail depends on Service Broker so this service must be enabled for Database Mail. Database Mail can be encrypted for additional security. SQLMail is lesser secure as it can encrypt the message as well anybody can use SMTP to send email. Additionally, for MAPI to be enabled for SQLMail it will require Outlook to be installed. All this leads to potential security threat to database server.
In order to send mail using Database Mail in SQL Server, there are 3 basic steps that need to be carried out:
- Create Profile and Account
- Configure Email
- Send Email
Within each database, SQL Server does have fixed database roles, ones which are standard and included in every database. These differ from the database roles you can create and use yourself in that they have pre-assigned permissions. The fixed database roles are:
You can use the following T-SQL script to get more info and statistics about your database tables:
SELECT T.Name AS 'Table Name', T.create_date AS 'Creation Date', S.Name AS 'Schema Name', P.Rows AS 'Rows Count', SUM(A.total_pages) * 8 AS 'Total Space KB', SUM(A.used_pages) * 8 AS 'Used Space KB', (SUM(A.total_pages) - SUM(A.used_pages)) * 8 AS 'Unused Space KB' FROM sys.tables AS [T] INNER JOIN sys.indexes AS [I] ON T.OBJECT_ID = I.object_id INNER JOIN sys.partitions AS [P] ON I.object_id = P.OBJECT_ID AND I.index_id = P.index_id INNER JOIN sys.allocation_units AS [A] ON P.partition_id = A.container_id LEFT OUTER JOIN sys.schemas AS [S] ON T.schema_id = S.schema_id WHERE T.NAME NOT LIKE 'dt%' AND T.is_ms_shipped = 0 AND I.OBJECT_ID > 255 GROUP BY T.Name, T.create_date, S.Name, P.Rows ORDER BY 3 DESC