Next Meeting

Monday,

December

01

December 2014 Israel PASS Chapter Meeting

  1. Working with Very Large Tables Like a Pro in SQL Server 2014 - Part 2 (Guy Glantser, Madeira)

A common use case in many databases is a very large table, which serves as some kind of activity log, with an ever increasing date/time column. This table is usually partitioned, and it suffers from heavy load of reads and writes. Such a table presents a challenge in terms of maintenance and performance. Activities such as loading data into the table, querying the table, rebuilding indexes or updating statistics become quite challenging.

SQL Server 2014 offers several new features that can make all these challenges go away. In this session we will analyze a use case involving such a large table. We will examine features such as Incremental Statistics, New Cardinality Estimation and Delayed Durability, and we will apply them on our challenging table and see what happens...

Guy Glantser (Blog|Twitter) is the leader of the Israeli PASS chapter and also the CEO of Madeira SQL Server Services. His career has been focused on SQL Server for the past 17 years, performing various database roles as either an on-site DBA, an external consultant or an instructor. Guy is involved in many activities in the SQL Server community. He occasionally speaks at community events, such as Tech-Ed, PASS Summit and user groups around the world. He also co-hosts the SQL Server radio show.

Guy Glantser

 

  1. SQL Injections for DBA (Idan Cohen, Madeira)

 

In 1998 a hacker called Rain Forest Puppy published an article about vulnerability in NT Web Technology. He called it “piggybacking SQL statements” - an attack over databases by manipulating the user inputs that are concatenated to a query. That article initiated a call for action for hackers all over the world who were challenged to develop this attack, which was gradually became known as “SQL Injections”, and which, throughout the years, was established as an easy technique to hack websites ("defacing"), to reach lists of millions of credit cards and hack into internal networks.

In this session, Idan will discover the SQL Injections technique, starting from demonstrating the simplest implementation of SQL Injections, through showing a bit more complicated implementations by using advanced knowledge in databases and T-SQL, and up to presenting applications of actual take-over of protected systems by using the SQL Injections.

 

Idan Cohen is a SQL Server DBA, working in Madeira, with wide experience and knowledge of various types of DBs and their related challenges. Besides being a SQL Server DBA, Idan is a student of bachelor degree in Computer Science at IDC Herzliya, and has an extensive knowledge and experience in various computer related issues, from security and communication protocols, and up to developing in Java, C#, Perl, web programing and more.

Idan Cohen

 

 

Israel Blogging Community:

Guy Glantser Dubi Lebel Matan Yungman Meir Dudai Geri Reshef Maria Zakourdaev Noam Brezis Eitan Blumin Asaf Aviv Michael Zilbershtein Itai Binyamin Ronen Ariely