E-WebStyle Web Design Houston

Archive for the ‘SQL’ Category

How Do I sign into my Bing Ad / Advertising Account

Wednesday, July 1st, 2009

If you are here, you are like me: you created your Bing advertising, Pay Per Click (PPC), account. Maybe you did it on another computer, or you are just at some computer without e-mail and you are trying to figure out how to log into your Bing account. For some reason Microsoft has hidden the link to this really, really well. Here is the link: https://adcenter.microsoft.com/. Obvious after you see it, but not IOCO (Intuitively Obvious to the Casual Observer).

I hope this helps someone.

Chris

SQL Injection Attack .asp Code

Monday, January 19th, 2009

One of our client's websites was getting hit with SQL injection attacks on a regular basis. Our first measure was to put in code like this:

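Function QueryStringCheck()
 ' Redirects to 500.asp when the query string contains a blocked SQL keyword.
 ' URLDecode is a helper defined elsewhere in the site; it is not built into ASP.
 Dim StringList(10), strQuery, StringCount, instring, i
 strQuery = Request.ServerVariables("Query_String")
 ' strQuery = Replace(URLDecode(strQuery)," ","")
 strQuery = URLDecode(strQuery)
 ' Upper-case after decoding so percent-encoded lower-case letters are normalized too
 strQuery = UCase(strQuery)
 'response.write strQuery
 StringList(1) = "EXEC("
 StringList(2) = "skip"
 StringList(3) = "INSERT "
 StringList(4) = "UPDATE "
 StringList(5) = "DELETE "
 StringList(6) = "DECLARE @"
 StringList(7) = "DECLARE%"
 StringList(8) = "';"
 StringCount = 8
 instring = 0
 ' InStr is case-sensitive by default, which is why strQuery is upper-cased above
 For i = 1 To StringCount
  If InStr(strQuery, StringList(i)) > 0 Then
   instring = 1
  End If
 Next
 If instring = 1 Then
  'response.write (request.ServerVariables("URL"))
  ' Encode the reflected value so it stays a single parameter of the redirect URL
  Response.Redirect("500.asp?badscript=" & Server.URLEncode(Request.ServerVariables("URL") & strQuery))
 End If
End Function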

This code did a great job for a while, but it seemed like the client kept getting hits. The client was not in a position to convert everything to parameterized queries. So we just kept waiting for attacks, fixing the problem, and trying to decipher how the hacker was getting through our code. One day while looking at the logs I noticed DEC%LARE in the query string. This seemed very weird and was clearly not one of the keywords I was looking for. With a quick search I came to understand that the .asp engine will ignore the percent sign (%) if it is not followed by HEX characters. That was our hole. Since we added DEC%LARE to our check we have no longer experienced any successful SQL injections. I would love to hear comments and questions.
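An added example (Python, not the site's code) for reviewing logged query strings against the post's keyword list: it removes any percent sign that is not followed by two hex digits before matching, which is the behavior the post attributes to the .asp engine. The sample query strings are constructed, and the `naive` mode assumes the original URLDecode helper left such percent signs in place.

```python
import re
from urllib.parse import unquote

# Keyword list from the post's QueryStringCheck (its "skip" placeholder is omitted).
BLOCKLIST = ["EXEC(", "INSERT ", "UPDATE ", "DELETE ", "DECLARE @", "DECLARE%", "';"]

# '%' optionally followed by two hex digits; group 1 is empty for a stray '%'.
PERCENT = re.compile(r"%([0-9A-Fa-f]{2})?")


def canonicalize(query_string):
    """Decode %XX escapes and drop stray '%' in one pass, then upper-case.

    Models the behavior the post attributes to the .asp engine, so the
    keyword check sees "DECLARE" where the raw log shows "DEC%LARE".
    """
    def decode(match):
        hex_pair = match.group(1)
        return chr(int(hex_pair, 16)) if hex_pair else ""

    return PERCENT.sub(decode, query_string.replace("+", " ")).upper()


def naive(query_string):
    """Assumed behavior of the original filter: a stray '%' is left in place."""
    return unquote(query_string.replace("+", " ")).upper()


def find_blocked(query_string, normalizer=canonicalize):
    """Return the blocklist entries present after normalization."""
    text = normalizer(query_string)
    return [keyword for keyword in BLOCKLIST if keyword in text]


def missed_by_naive(queries):
    """Query strings the canonical check flags but the naive check passes."""
    return [q for q in queries
            if find_blocked(q) and not find_blocked(q, naive)]


# Constructed sample query strings, as they might appear in a web server log.
SAMPLE_QUERIES = [
    "id=12&cat=shoes",
    "id=12;DECLARE%20@S",
    "id=12;DEC%LARE%20@S",
    "id=12;dec%lare+@s",
    "promo=50%25+off",
]

if __name__ == "__main__":
    for query in missed_by_naive(SAMPLE_QUERIES):
        print("missed by naive check:", query, "->", find_blocked(query))
```

Matching on the canonical form covers every placement of a stray percent sign inside a keyword, so the list does not need one entry per variant such as DEC%LARE.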

Backup your MS SQL database to another server

Wednesday, September 26th, 2007

In this entry I will show you how to schedule a backup of your MS SQL Server database tables to flat files on the same server.

In my case I like to have these backups because it will be much easier to recover from disaster on the production server, and because it is much easier to fix small dumb mistakes I have made on the production server like and it gives me table by table flexibility.

 

Recover from bad update command

Recover from bad insert command

Recover from dumb sql commands

 

From your target computer (the computer where you want the backups):

You will want to create a blank database on the local SQL server as your target.

Open up Enterprise Manager and connect to your SQL database.

After connecting to your database, right-click on the database or tables icon, go to ‘All Tasks’ and select Export Data.

In the Data Transformation Services Import/Export Wizard select Next.

Since you were already connected to the database you want to export from, the first screen, ‘Choose a Data Source’, should be properly populated. Click Next.

Now select the target database on your local server.

Select Next.

Leave Copy Table and Views checked and press Next.

Select (check) all the tables and views you want to back up. Press Next.

Now check Schedule DTS package for later execution. You can leave Run immediately checked if you like.

Select the button to the right with the three dots as in this image.

[Image: Recover from sql upload]

 

Select the schedule for which you want your backup to run.

Make sure Save DTS Package is checked.

I always save it as SQL Server Meta Data Services.

Press Next.

Now enter the details of how to save this backup package. You want to save this on the database at the source, which will be the default setting.

If you want to delete the backup package or make changes, you can find it in Enterprise Manager under Data Transformation – Local Packages.

 

To Restore:

Make a copy of the table you want to restore, or just delete all the data in that table. Be very careful; you need to know what you are doing here! I usually delete or rename the table where I am going to restore the data.

Right-click the tables icon in the database you want to restore in Enterprise Manager and select All Tasks – Import Data.

In the Data Transformation Services Import/Export Wizard select Next.

Select the correct database from your local server and press Next.

Since you started this import from the correct database, the next screen, Choose a Destination, should be properly populated. Press Next.

Leave Copy Tables and Views checked and press Next.

Select the tables you want to restore.

Check Run immediately, then select Next and Finish.

 

Restore a table in MS SQL

Wednesday, September 26th, 2007

In this entry I will show you how to schedule a backup of your MS SQL Server database tables to flat files on the same server.

In my case I like to have these backups because it will be much easier to recover from disaster on the production server, and because it is much easier to fix small dumb mistakes I have made on the production server like and it gives me table by table flexibility.

Recover from bad update command

Recover from bad insert command

Recover from dumb sql commands

Backing-up individual tables to the target computer using Flat Files.

From your source computer:

First you must connect to your SQL database from Enterprise Manager.

After connecting to your database, right-click on the database or tables icon, go to ‘All Tasks’ and select Export Data.

In the Data Transformation Services Import/Export Wizard select Next.

Since you were already connected to the database you want to export from, the first screen, ‘Choose a Data Source’, should be properly populated. Click Next.

In the Destination drop-down select Text File (it will be at the bottom).

Now select a target location and file name. I suggest you use the name of the table you are going to put in that file. Include the .txt, which is necessary in this case.

Select Next.

Leave Copy Table and Views checked and press Next.

At the top select the source table you want to back up.

I leave all the other settings as default. Press Next.

[Image: Backup ms SQL text file]

Now check Schedule DTS package for later execution. You can leave Run immediately checked if you like.

Select the button to the right with the three dots as in this image.

[Image: Recover from sql upload]

Select the schedule for which you want your backup to run.

Make sure Save DTS Package is checked.

I always save it as SQL Server Meta Data Services.

Press Next.

Now enter the details of how to save this backup package. You should probably give it a name like tblCatToProdDailyFlatFile. You want to save this on the database at the source, which will be the default setting.

If you want to delete the backup package or make changes, you can find it in Enterprise Manager under Data Transformation – Local Packages.

 

 

To Restore a single table:

Make a copy of the table you want to restore, or just delete all the data in that table. Be very careful; you need to know what you are doing here! You can use this SQL command and run it from Query Analyzer to empty out the table: “Delete From [yourtable]”. No matter how you do it, you will need the correct table structure to import the data.

If you have some auto increment fields, you will need to remove the auto increment so the data can be imported. After importing, turn the auto increment back on.

Right-click the tables in the database you want to restore and select All Tasks – Import Data.

In the Data Transformation Services Import/Export Wizard select Next.

On the Choose a Data Source screen select Text File from the Data Source drop-down.

Locate the text file you want to restore, press OK and then press Next.

Press Next with the default command for file format (assuming you used the default when you created the backup).

Press Next, and Next again at the Specify Column Delimiter screen.

Select the correct database at the Choose a Destination screen.

Make sure that it is going to go to the correct table (which will be easier if the file name has the same name as the table). Click the Transform button; a screen similar to the one below will pop up.

Click in the destination column on the first row and select the target field (this should be the first field for the first row and the second field for the second row). Press OK.

Press Next.

[Image: Restore a backup of a table]

Check Run immediately, then select Next and Finish.

Make sure to recreate any auto increment fields you have in the table definition.

SQL Free Backup

Wednesday, May 23rd, 2007

This entry explains how I set up my web server to back up my SQL database.

Open up SQL Server Enterprise Manager
Select a server group
From the top menu select Tools > Backup Database
Select the database you want to back up
Select the type of backup
I usually set up two backups:
            Complete once a week
            Differential every day
You must add a destination. I use a file as a destination in a folder designated for my database backups.

Schedule the backup
Again:
            Complete once a week
            Differential every day

You may get a warning message: SQLServerAgent on target server ‘(local)’ is stopped.
Go to Services:
Right-click My Computer and click Manage
Open up the Services and Applications tree
Select Services
Find the SQLServerAgent
Right-click this service and go to Properties
Change startup type to Automatic (this will make sure the service is running anytime the server is rebooted)
Also start the service.

If you need to make changes to these settings, you can find these backup routines in SQL Server Enterprise Manager by opening Management > SQL Server Agent > Jobs; you may need to refresh if you have just added the job.