Security Basics mailing list archives

RE: Limiting application's database size


From: "Stan Guzik" <SGuzik () ImmediaTech com>
Date: Mon, 28 Jun 2004 11:01:30 -0400

In SQL Server (I'm assuming you are running 2K), there is an option on
the DB to "Automatically grow file".  If this selection is not checked,
your SQL DB will not grow, meaning you need to monitor the growth
manually.

The above will work, but manually monitoring always leads to human error.
There are SQL SPs to get the size of the DB and individual tables.  You
can use these SPs in your code to notify/email you when your DB is close
to its max (let's save 20% free space).



-----Original Message-----
From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] 
Sent: Monday, June 28, 2004 9:04 AM
To: webappsec () securityfocus com; security-basics () securityfocus com
Subject: Limiting application's database size

I have a database server that contains several applications.  One of the
applications allows users to enter information into the database without
being authenticated.  My concern is that a malicious script could quickly
increase the size of the database, thus taking all free disk space on the
server.  Is there a way to limit the size of the database so that it will
not affect the other applications?  Or does anybody have any suggestions on
a way to handle this situation?

DB Server: MS SQL Server, IIS
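
Added example, not part of either message: a T-SQL sketch of the two measures the reply describes, capping the file's growth and alerting when less than 20% of the cap is free. The database name AppDb, logical file name AppDb_Data, table dbo.Submissions and the size values are hypothetical; the script uses the SQL Server 2000 sysfiles table, so it assumes that version or its compatibility view.

```sql
-- Added example. AppDb, AppDb_Data, dbo.Submissions and all sizes are hypothetical.
USE AppDb
GO

-- 1. Keep autogrow, but give the data file a hard ceiling so one application
--    cannot take all free disk space from the others on the server.
ALTER DATABASE AppDb
    MODIFY FILE (NAME = AppDb_Data, MAXSIZE = 2048MB, FILEGROWTH = 64MB)
GO

-- 2. Size of the database and of the table that takes unauthenticated input.
EXEC sp_spaceused
EXEC sp_spaceused 'dbo.Submissions'
GO

-- 3. Free-space check, intended to run on a schedule.
--    sysfiles reports size and maxsize in 8 KB pages (128 pages = 1 MB).
--    growth = 0   : autogrow is off, so the cap is the current size
--    maxsize = -1 : grow until the disk is full, i.e. no cap (NULL here)
DECLARE @min_free_pct int
SET @min_free_pct = 20

SELECT RTRIM(name)                              AS logical_name,
       FILEPROPERTY(name, 'SpaceUsed') / 128    AS used_mb,
       CASE WHEN growth = 0 THEN size / 128
            WHEN maxsize > 0 THEN maxsize / 128
            ELSE NULL END                       AS cap_mb
INTO   #files
FROM   sysfiles
WHERE  groupid <> 0          -- data files only; log files have groupid 0

-- Report for the operator.
SELECT logical_name, used_mb, cap_mb,
       100 - (100 * used_mb) / cap_mb AS free_pct
FROM   #files
WHERE  cap_mb > 0

-- WITH LOG writes to the SQL Server error log and the Windows application
-- log, where existing monitoring or an alert can pick it up.
IF EXISTS (SELECT * FROM #files WHERE cap_mb IS NULL)
    RAISERROR('AppDb has a data file with unrestricted growth.', 16, 1) WITH LOG

IF EXISTS (SELECT * FROM #files
           WHERE cap_mb > 0
             AND 100 - (100 * used_mb) / cap_mb < @min_free_pct)
    RAISERROR('AppDb data file has less than %d%% free space.', 16, 1,
              @min_free_pct) WITH LOG

DROP TABLE #files
GO
```

Once the cap is reached, inserts into that database fail instead of the volume filling up, so the other applications on the server keep their disk space.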



