Preview Mode Links will not work in preview mode

Voice of the DBA


Welcome to the Voice of the DBA, thoughts from Steve Jones on databases, SQL Server, and life.

Mar 29, 2016

If you pay attention to security issues in software, you've probably heard about man-in-the-middle attacks. These can occur more frequently than you expect, though inside of a company, it's more unlikely that you'll experience one if you have some fairly basic security controls on your network.

However, if you invite someone inside of your network, such as a consultant of some sort, you should be more vigilent. There's a great post showing how someone can execute a MITM attack against SQL Server. It's in depth, showing exactly how packet captures lead to the ability to hijack a session and create a new login.

Read the rest of "Track Your Consultants"