J Wolfgang Goerlich's thoughts on Information Security
SQL Server Tip: Find and Change File Locations

By wolfgang. 23 November 2007 13:19

Here is a quick tip on finding the location of a database files and on updating that location. This tip works on SQL Server 2000 and SQL Server 2005.

-- Get the file location for the data (mdf), index (idx), and logs (ldf)

Use MYDBName

Select name, physical_name

From sys.database_files

 

-- Set the file location for a particular mdf, idx, or ldf file

Use MYDBName

Alter Database MYDBName modify file

(name=MYDBName, filename='E:\SqlData\MYDBName.mdf')

 

This comes in handy if the file name has been changed, or if the folders containing the database are being changed.

Tags:

Systems Engineering

Prevent the computer screensaver from locking the console

By wolfgang. 8 November 2007 08:44

A "clean screen" policy is a common control. The risk is of people gaining unauthorized access to systems and information by shoulder surfing or popping onto a computer that someone left logged in. To mitigate, a screensaver can be set to lock the computer after so many minutes of inactivity. Ideally, people work on the computer and the screensaver does not kick in. They stop, the computer locks, and the screen is clean.

The challenge for employees is that the screensaver may come on at inopportune times. For example, when giving presentations or when watching a training video. During these situations the person is using their computer but not actually causing activity.

Not surprisingly, people have started finding hacks to prevent the screensaver from coming on. WiebeTech, for instance, sells a Mouse Jiggler. "Prevents a computer from going to sleep while you work or play. Constant mouse activity prevents sleep mode and screen savers (and their password prompts)."

The workaround for the workaround is to disable device drivers. But this requires configuration management software that may be beyond the budget of many IT/InfoSe teams.

Anyone have other ideas of how to mitigate Mouse Jiggler?

Wolfgang


PS: Also, check out WiebeTech’s HotPlug. This allows someone to switch a running PC or server from a power outlet to a battery pack. They pitch it for forensics as a way to confiscate a running computer. "We created this product for our Government/Forensic customers … allows hot seizure and removal of computers from the field to anywhere else on the planet."

Tags:

Security | Systems Engineering

    Log in