Microsoft have just released a couple of new security tools that might be useful, especially if you’re still running some legacy ASP applications.
- Microsoft Source Code Analyzer for SQL Injection - a static code analysis tool for finding SQL Injection vulnerabilities in ASP code
- Microsoft Urlscan Filter v3.0 Beta - a security tool that restricts the types of HTTP requests that Internet Information Services (IIS) will process. By blocking specific HTTP requests, UrlScan helps prevent potentially harmful requests from being processed by web applications on the server.
UrlScan has been around for quite a while, so I’ll be interested to see what new features are part of v3.
Getting your code into a version control repository is relatively easy. Doing the same for your database schema has historically been a bit trickier. I think this is partly because modern databases (like Microsoft SQL Server) come with quite useable graphical interfaces, which means that you can make many significant changes without ever writing a line of SQL.
The good thing though is that all of these changes are done using SQL, so version control is usually about keeping versions of the SQL scripts.
Some common techniques include:
- One single production database and all changes are made live (be careful!)
- Make changes to dev database and then migrate the changes to production (SQL Compare is great for this)
- All schema objects are stored in scripts that need to be executed to create the database.
Creating the initial database isn’t too bad, but pushing out updates can be more difficult, especially if you need to deal with updating from different possible versions.
Even better, it is unmetered for Internode customers (such as myself), and means that the 4.7Tb of SourceForge files are available to download super-quick. Not that I want to download 4.7Tb all at once mind you!