Security Basics mailing list archives

RE: Limiting application's database size


From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Mon, 28 Jun 2004 16:12:19 +0100

Set the database as a fixed size and don't let it grow automatically.

That way the database can not get bigger than its initial size.

 
Andrew Shore
Senior Security Specialist
DDI. 01302 308 165
andrew.shore () holistecs com
 
 
 

-----Original Message-----
From: Thorpe, Jason (TAD) [mailto:Jason.Thorpe () fta dot gov] 
Sent: 28 June 2004 14:04
To: webappsec () securityfocus com; security-basics () securityfocus com
Subject: Limiting application's database size

I have a database server that contains several applications.  One of the
applications allows users to enter information into the database without
being authenticated.  My concern is that a malicious script could quickly
increase the size of the database and thus take all free disk space on the
server.  Is there a way to limit the size of the database so that it will
not affect the other applications?  Or does anybody have any suggestions
on a way to handle this situation?

DB Server: MS SQL Server, IIS
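
The fixed-size setting suggested in the reply above, sketched in T-SQL as an added example that is not part of the original thread. The database name `AppDb`, the logical file names `AppDb_Data` and `AppDb_Log`, and all sizes are assumptions; it also caps the transaction log, which the reply does not mention separately.

```sql
-- Added example. Hypothetical names: database AppDb with logical files
-- AppDb_Data (data) and AppDb_Log (transaction log). Sizes are illustrative.
USE AppDb;

-- 1. Inspect the current limits (sys.database_files needs SQL Server 2005+).
--    size is in 8 KB pages; max_size = -1 means "grow until the disk is full";
--    growth = 0 means autogrow is off and the file is fixed size.
SELECT name,
       type_desc,
       CAST(size AS bigint) * 8 / 1024 AS size_mb,
       max_size,
       growth,
       is_percent_growth
FROM sys.database_files;

-- 2. Pre-allocate the space the application is allowed to use.
--    SIZE can only be raised: skip these two statements for a file that is
--    already at or above the target size.
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Data', SIZE = 512MB);
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Log',  SIZE = 128MB);

-- 3. Turn off autogrow and cap each file at its pre-allocated size, so the
--    database can never take more disk than was reserved in step 2.
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Data', FILEGROWTH = 0);
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Data', MAXSIZE = 512MB);
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Log',  FILEGROWTH = 0);
ALTER DATABASE AppDb MODIFY FILE (NAME = N'AppDb_Log',  MAXSIZE = 128MB);

-- 4. Verify: every row should now show growth = 0 and a max_size equal to
--    the file's size in pages.
SELECT name, size, max_size, growth
FROM sys.database_files;

-- Failure mode to plan for: once a capped file is full, writes to this
-- database fail (error 1105 for a full data filegroup, error 9002 for a full
-- transaction log). The other databases on the server keep their disk space,
-- but this application stops accepting input until space is freed, so alert
-- on those errors and on free space inside the files.
```

The cap protects the disk shared with the other applications; it does not stop unauthenticated input from filling this application's own quota.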





