I have read your answer on the topic "MySQL versus SQL Server for Web site".
Can you please tell me, why are then MS SQL Servers hacked on a weekly/monthly basis? I myself am using MySQL and keeping away from Microsoft because one Russian cracker exposed thousands of credit card numbers on the Web, and his argument was: "...I had to do it because they were stupid enough to put credit card data on Microsoft SQL Server."
Bad security practices, bad deployment practices, bad development practices, and bad admin practices. If you configure a SQL Server directly exposed to the Internet using a blank password for your sa account, no kidding it is going to be hacked. If you follow proper security practices and configure your system with security in mind, then it isn't going to be hacked. He exposed those credit card numbers because someone deployed data in an unsecure manner.
Unix, mainframe, Windows, pick a platform or product, are hacked on a daily basis, somewhere in the world. They are hacked because the people installing and running them did not secure the data. Can more be done? Absolutely. But I can also tell you that the security available within SQL Server, if you choose to use it, will lock up your data and is light years beyond what you get with MySQL. Just like Access, I consider MySQL to be a toy database whose best use is as a hobby.
As a VERY recent example: the Slammer worm. Across several clients, I have more than 50,000 SQL Servers running. Every one of them stores mission critical and vital information, as well as extremely sensitive information. Not a single one of them got hit by the Slammer worm. Not a single one of them has ever been broken into. Why? Because they are installed behind and kept behind firewalls. The admin accounts are locked down and very tight access control is used. Anything unnecessary is turned off and disabled. The systems are monitored for hacking attempts and when detected, mechanisms kick in to lock the hacker down, back trace them, and shut them out of systems.
That is an extremely simplified answer to a very complex question. Your example is one example showing it happened. There are millions of examples showing it doesn't happen.
For More Information
- Dozens more answers to tough SQL Server questions from Michael Hotek are available here.
- The Best Microsoft SQL Server Web Links: tips, tutorials, scripts, and more.
- The Best SQL Web Links
- Have a SQL Server tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
- Ask your technical SQL Server questions -- or help out your peers by answering them -- in our live discussion forums.
- Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.
Dig Deeper on Microsoft SQL Server Installation
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.