Re: SQL Server for Oracle DBAs

> exploited a Microsoft SQL Server vulnerability that was over a year old,
> one that was patched in early 2006 by the MS06-014 security update.
> Source: http://www.lexansystems.com/blog/tag/security-breach/

Only you could think MDAC has anything to do with SQL Server - it hasn't. It's no more anything to do with SQL Server than ORacle's ODBC driver - they are just other products that allow connection to SQL Server, also, it refers to SQL SErver 2000 which is no longer supported by Microsoft - the majority are on SQL Server 2005.

http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx

> one of the more prominent tech news organizations, reported the company
> RealNames informed customers that its customer information database had
> been breached and the attackers had walked off with valuable nformation,
> to include credit card numbers.
> Source:
> http://www.sqlservercentral.com/articles/Security/sqlserversecuritywhysecurityisimportant/1077/
>
> And there are thousands more where these came from.

More in Denial comments.

Brian Kelley talks about the importance of securing databases; he does talk about Slammer which was SQL 2000 and 8 - 9 years ago; SQL 2000 is no longer supported by Microsoft. He also talks about SQL Worm (from 2002 (6 years ago)) and again this related to SQL 2000 which again, is no longer support by Microsoft.

Brian's article itself is over 5 years old!

You don't pull the wool over many peoples eyes anymore Morgan.

Face it Morgan, the SQL Server team got the software quality life cycle right - oracle haven't; and don't take my word for it - as you well know the trade press take that view as well.

-- 
Tony Rogerson, SQL Server MVP
http://sqlblogcasts.com/blogs/tonyrogerson
[Ramblings from the field from a SQL consultant]
http://sqlserverfaq.com
[UK SQL User Community]