Security Basics mailing list archives
RE: Limiting application's database size
From: "Stan Guzik" <SGuzik () ImmediaTech com>
Date: Mon, 28 Jun 2004 11:01:30 -0400
In SQL Server, I'm assuming you are running 2K, there is an option on the DB to "Automatically grow file". If this selection is not checked your SQL DB will not grow meaning you need to monitor the growth manually. The above will work but manually monitoring always leads to human error. There are SQL SP to get the size of the DB and individual tables. You can use these SP in you code to notify/email you when your DB is close to its max, (let's save 20% free space.) -----Original Message----- From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] Sent: Monday, June 28, 2004 9:04 AM To: webappsec () securityfocus com; security-basics () securityfocus com Subject: Limiting application's database size I have a database server that contains several applications. One of the applications allow users to enter information into the database without being authenticated. My concern is that a malicious script could quickly increase the size of the database and thus taking all free disk space on the server. Is there a way to limit the size of the database so that it will not affect the other applications? Or does anybody have any suggestions on a way to handle this situation. DB Server: MS SQL Server, IIS --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Limiting application's database size Griffiths, Ian (Jun 28)
- <Possible follow-ups>
- Limiting application's database size Thorpe, Jason (TAD) (Jun 28)
- RE: Limiting application's database size Stan Guzik (Jun 28)
- RE: Limiting application's database size Andrew Shore (Jun 28)