“SQL Server 2005 is secure!”

This is a great interview with David Litchfield. I was recently in a review with Bob Muglia, Senior VP for the Server and Tools business, where the SQL team presented there had yet to be a security GDR for SQL2K5. Bob asked if it was because the product is secure or if people just aren't looking for security issue. The team proudly answered: people are looking and they're not finding anything. I just don't understand why anyone still runs Oracle (behind a firewall or not).

Comments (3)

  1. Steve.S.Walker@gmail.com says:

    Are you including web service hosting w/ endpoints in this statement?  At my firm, there seems to be some pushback regarding this technology, as it "exposes" otherwise unavailable access to the server…

  2. AFAIK there hasn’t been a single exploit reported on SS2K5. I would assume the hacker community has tried endpoint attacks – but that’s completely an assumption on my part.

  3. SSIS Junkie says:

    Well David Litchfield thinks so. "Who he?" you ask. Well this article will explain all. Thanks

Skip to main content