sql server express vs full version for a lab

[nutjob.ie at gmail.com (Pat)]

Once you install the management studio you wont have a problem. (separate
download)


On Mon, Mar 16, 2009 at 2:43 PM, Robin Wood <dninja at gmail.com> wrote:

> I'll install SQL Express then. I thought I'd be ok with it but just
> wanted to be sure before spending days of head banging trying to get
> something to work that would fine on a paid for system.
>
> Robin
>
> 2009/3/16 Pat <nutjob.ie at gmail.com>:
> > On Mon, Mar 16, 2009 at 2:35 PM, Pat <nutjob.ie at gmail.com> wrote:
> > > Small tips.
> > >
> > > Sql Express is missing some of the analysis services and some of the
> > > reporting serices. From a break in point of view this wont matter to
> you.
> > > Express is free and comes in a re-distributable installer package
> designed
> > > to be bundled in other pub installers.
> > >
> > > Be sure to Get older versions of express also. 2005 + 2008 express
> > > editions are in common use. SQL server 2000 i have seen recently
> deployed on
> > > a system and forgotten about.
> > >
> > >
> > > Also tools like Sql Server Management studio and SQL profiler are very
> > > useful  in lab environments.
> > > If you are trialling an SQL injection attack SQL profiler will show you
> > > exactly what is round tripping to the database. Very helpful on a Blind
> SQL
> > > attack or when your application testing. (you wont have this on a real
> > > pen-test but still worth learning)
> > >
> > >
> > > Hopefully this mail Goes through. As i think due to the use of my signup
> > > for everything account with an unusual name i get filtered.
> > >
> > > Best of luck,
> > > Pat
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > 2009/3/16 Russell Butturini <rbutturini at epictn.com>
> > > > I second Tim?s recommendation.  SQL Express should work fine for this.
> > > > And definitely check out the Foundstone Hacme series, as John suggested
> on
> > > > Ep 143.  Hacme bank is GREAT!!!
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > From: pauldotcom-bounces at mail.pauldotcom.com
> > > > [mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Tim
> Krabec
> > > > Sent: Monday, March 16, 2009 8:19 AM
> > > > To: PaulDotCom Security Weekly Mailing List
> > > > Subject: Re: [Pauldotcom] sql server express vs full version for a lab
> > > >
> > > >
> > > >
> > > > go with express.  I believe that is the free version.  That will give
> you
> > > > 2 things, 1 a test bed, and 2 a good piece of SW to learn on, that will
> > > > probably be installed (as a feature of other software)
> > > >
> > > > On Mon, Mar 16, 2009 at 9:06 AM, Robin Wood <dninja at gmail.com> wrote:
> > > >
> > > > Hi
> > > > I'm setting up a windows lab machine and want sql server on it. I'm
> > > > looking at playing with basic sql injection and stored procedures, in
> > > > particular xp_cmdshell. Does anyone know if there are any differences
> > > > for this kind of thing between the express version of sql server and
> > > > the paid for versions or are the differences purely in the amount of
> > > > data and things like that?
> > > >
> > > > Robin
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom at mail.pauldotcom.com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
> > > >
> > > >
> > > > --
> > > > Tim Krabec
> > > > Kracomp
> > > > 772-597-2349
> > > > smbminute.com
> > > > kracomp.blogspot.com
> > > > www.kracomp.com
> > > >
> > > > _______________________________________________
> > > > Pauldotcom mailing list
> > > > Pauldotcom at mail.pauldotcom.com
> > > > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > > > Main Web Site: http://pauldotcom.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090316/58ba8174/attachment.htm