Monthly Archives: February 2017

#SQLSat595 Cleveland Recap


I’m sorry for all the people who were affected by the multiple battery issues with the Note 7 but I simply could not find a Dell, HP, Microsoft, or Lenovo laptop that even came close to the notebook 7 spin.

One upgrade had to be done right away though… FLASH… na naaaaaaaa!

Upgrading the Samsung notebook 7 spin with a Samsung 850 EVO 500GB M.2 SATA II V NAND SSD. First, summon your internal zen patience. Next, use a tool thinner than a credit card to remove the single plastic snappy back cover.


This computer is now a fantastic addition to my fleet and worked out very well for my 3 VM mobile lab required for my presentation on Hacking SQL Server.

I’ve given this presentation at user groups and SQL Saturdays. Each time I make a solid effort to get the latest versions of Windows Server and SQL Server ready. I also grab the latest hacking tools I can find. There is no room for procrastination when preparing because you don’t know what life will throw at you right before showtime. The organizers did a fantastic job of communicating all the changes to time slots and rooms. The interest survey was an objective way of placing the popular sessions in larger rooms and when it comes time to to have our SQL Saturday, that will definitely be a tool we will take advantage of.

More Preparation

The team building exercise, aka speaker volunteer dinner, usually takes place the night before. This is important to build comradery and increase the comfort level of a bunch of people who may be in the area for the first time. It can also feel like a family reunion, running into that crazy uncle and cool hip west coast cousin that makes for some hilarious conversation. One downside is the combination of loud talking over music and hops until late at night can cause dehydration and raspy voices in the morning. Nothing some phlegm building orange juice and over the counter medications can’t fix.


SQL Saturday is full of awesome presentations. Attending very useful presentations, right before I have to give mine, causes me to go on unnecessary tangents. I really wanted to watch more speakers in action, but decided to chill out for most of the morning. I did follow and thoroughly enjoy Janis’s 12 step program and can attest that the program works. I’ll be modifying my own less effective program. I was missing some steps and definitely will take advantage of the scripts around finding the worker bees behind CXPACKET.

The lunch was great and gave me a little extra time to familiarize myself with the microphone before my session. The wireless mic was on point (thanks AV) and the monitors facing the speaker really helped. The auditorium could seat over 100 people and had 3 projectors.

Show Time Most content is uploaded, feel free to contact me using the email address on the last slide.

The demos went smoothly but perhaps a little slowly. I used zoomit in some spots but failed to do it in others. I had plans for two more quick demos but ran short on time. Some previous feedback I had was to engage the audience more. Since then I have added a task for the assigning an attacker, and a victim to remember the IP addresses. Also, I added another person to give me a 30 minute warning which worked out perfectly. Also, I make a point to hack a poorly configured server, but not to show the misconfigurations until later in the presentation. This has, without fail, invoked some comments/questions about the layers of security that would block the hacks I am explaining. This is always a good sign that some people are understanding the content and makes me happy.

I specifically asked the attendees to think of constructive criticism on their evaluations and if they couldn’t think of anything, make something up. This is my favorite:


If you want to attend more SQL Saturday’s, you have to be willing to participate in Volunteering, Speaking, and Sponsoring these events. If those things don’t fit into your life at this time, remember attendees are why we do what we do so make a point to check the schedule and go to a SQL Saturday!



Leave a comment

Posted by on February 5, 2017 in PASS


I’m speaking Saturday, Feb 4th in Cleveland, OH

It has been quite a while since I’ve spoke at a SQL Saturday, partly because Michigan has taken a pass on hosting one the last couple years. These things are tough to get going and I have great respect for the few select individuals that grab the bull by the horns and see the event through to the end.

The last time I was caught off guard by a major upgrade to my hacking tools. Brand new stuff is not something a speaker should try to implement 2 days before the presentation for the sake of the demos and for the sake of their attendees. But I couldn’t resist and it actually went quite well.

Hopefully my history with these risks right before the presentation don’t blow up but I have another last minute enhancement. I trashed all my VMs and installed a 500GB V NAND SSD. O boy, is it sweet. Hopefully, it will help my presentation fit into the 60 minute time slot.

I’ll follow up with a recap of the event because I also plan on soaking up some valuable skills from the other attendees and speakers.

Leave a comment

Posted by on February 1, 2017 in PASS