Just call it an internal DoS attack

If unnecessarily heavy workloads are hitting your SQL box, it's time to start treating them like inside hacking jobs

Page 2 of 2

Not only that, he'll be shocked to find out that the attack comes from inside the company. When he learns they're scheduled reports, he may drop his guard, but you can't let him. The best hacks disguise themselves as legitimate payloads, and these shouldn't be considered any differently. When you can cut down the resource usage drastically, that's when it turns into an actual attack. They deserve no mercy -- kill the SPID, kill the report, and tase the developer.

For argument's sake, let's say you belong to a company that doesn't believe in tasing devs. If these devs want to play hardball, you can too, using a feature in SQL Server 2008 called the Resource Governor.

Perhaps your management doesn't take the threat seriously and won't allow you to kill the reports. That's fine -- put them in a resource group that limits them to a single CPU. If the boss really doesn't care how long it takes the report to run, then play by his or her rules. The only difference is you have admin rights on the server. When they complain that the report is taking longer than usual, remind them that they said they don't care how much time it requires.

Take it further: Tell them the numerous bad reports are conflicting with each other and resources are gone. Then offer to show them how to cut down their load so that it runs a lot faster and they can get your data sooner in this constrained environment. When management makes the change, you can remove that person from the resource group. It's kind of playing dirty, but when you're dealing with hackers, from inside or out, all's fair.

This story, "Just call it an internal DoS attack," was originally published at InfoWorld.com. Read more of Sean McCown's Database Underground blog at InfoWorld.com.

| 1 2 Page 2