SQL Archives - The Silicon Underground

Common security attacks and countermeasures

Dave Farquhar — Wed, 03 May 2017 11:00:33 +0000

As a security professional, I talk to a lot of people about common security attacks and countermeasures. I’m not always certain the people I’m talking to know what these things mean. I am almost certain they aren’t willing to ask.

The post Common security attacks and countermeasures appeared first on The Silicon Underground.

Patch management strategy

Dave Farquhar — Mon, 03 Apr 2017 11:00:47 +0000

Vulnerability management and patch management are close relatives. In most companies, think of them as siblings who hate each other. That’s usually how it plays out. It doesn’t always have to be that way, but it takes some thought and

The post Patch management strategy appeared first on The Silicon Underground.

SQL injection explained

Dave Farquhar — Tue, 19 Jul 2016 11:00:50 +0000

I’ve never seen SQL injection explained really well, until one of my coworkers did just that. I’m going to try to repeat his explanation here, because SQL injection is something that everyone seems to expect everyone else to just know. SQL injection

The post SQL injection explained appeared first on The Silicon Underground.

Job hunting on your own vs. using a recruiter

Dave Farquhar — Thu, 28 Apr 2016 11:00:02 +0000

A former coworker contacted me last week. He’d been employed in the same place for the last 16 or 17 years and he couldn’t remember how to look for a job. Who better to ask than a guy who’s changed jobs

The post Job hunting on your own vs. using a recruiter appeared first on The Silicon Underground.

Resources for learning SQL

Dave Farquhar — Wed, 30 Sep 2015 11:00:32 +0000

Whether you’re a sysadmin, an analyst, or use a computer for something else professionally–even if you’re not a database administrator or developer–SQL is a useful skill to know. I’ve gotten by for 20 years without knowing much more SQL other

The post Resources for learning SQL appeared first on The Silicon Underground.

What I would have done to secure the Astros’ database

Dave Farquhar — Thu, 18 Jun 2015 11:00:45 +0000

The now-infamous breached Houston Astros database sounds like a classic case of what security professionals call Shadow IT: a project that the business needs, done without adequate involvement from security and, most likely, from the IT department as well. These kinds

The post What I would have done to secure the Astros’ database appeared first on The Silicon Underground.

Predicting the future, circa 2003

Dave Farquhar — Fri, 26 Sep 2014 11:00:38 +0000

In the heat of the moment, I searched my blog this weekend for quotes that could potentially be taken out of context and found something rather prophetic that I wrote in the heat of the moment 11 1/2 years ago:

The post Predicting the future, circa 2003 appeared first on The Silicon Underground.

How to patch less

Dave Farquhar — Thu, 20 Mar 2014 11:00:06 +0000

One of my former supervisors now works for a security vendor. He told me the other day that someone asked him, “Does your company have anything so I don’t have to patch anymore?” The answer, of course, is that there’s

The post How to patch less appeared first on The Silicon Underground.

DROP DATABASE wordpress;

Dave Farquhar — Thu, 07 Feb 2013 23:55:02 +0000

This week, I doubled back down in earnest to get my webserver running on the hardware I bought a year ago. After getting Apache, PHP and MySQL installed on the box and playing together nice, I installed WordPress and got

The post DROP DATABASE wordpress; appeared first on The Silicon Underground.

Tag your imported WordPress content with Simple Tags

Dave Farquhar — Sun, 03 Feb 2013 11:27:49 +0000

Unlike many bloggers, I blogged for a decade before moving to WordPress. That meant I had a pile of old posts with no tags on them. One of the nice things about WordPress is that you can use the tags

The post Tag your imported WordPress content with Simple Tags appeared first on The Silicon Underground.