Microsoft SQL Server 2017 RC1 available

First release candidate of Microsoft SQL Server 2017 brings a lot of interesting and new features 
19 July 2017   1239
Microsoft SQL Server

RDBMS that supports a wide variety of transaction processing, business intelligence and analytics applications in corporate IT environment.

Recently, Microsoft SQL Server team released Microsoft SQL Server 2017 release candidate 1. This is reported by Microsoft Technet Blog.

SQL Server 2017 has delivered:

  • Linux support for tier-1, mission-critical workloads  SQL Server 2017 support for Linux includes the same high availability solutions on Linux as Windows Server, including Always On availability groups integrated with Linux native clustering solutions like Pacemaker.
  • Graph data processing in SQL Server  With the graph data features available in SQL Server 2017 and Azure SQL Database, customers can create nodes and edges, and discover complex and many-to-many relationships.
  • Adaptive query processing  Adaptive query processing is a family of features in SQL Server 2017 that automatically keeps database queries running as efficiently as possible without requiring additional tuning from database administrators. In addition to the capability to adjust batch mode memory grants, the feature set includes batch mode adaptive joins and interleaved execution capabilities.
  • Python integration for advanced analytics  Microsoft Machine Learning Services now brings you the ability to run in-database analytics using Python or R in a parallelized and scalable way. The ability to run advanced analytics in your operational store without ETL means faster time to insights for customers while easy deployment and rich extensibility make it fast to get up and running on the right model.

Key enhancements in Release Candidate 1

In SQL Server 2017 RC1, there were several feature enhancements of note:

  • SQL Server on Linux Active Directory integration – With RC1, SQL Server on Linux supports Active Directory Authentication, which enables domain-joined clients on either Windows or Linux to authenticate to SQL Server using their domain credentials and the Kerberos protocol.
  • Transport Layer Security (TLS) to encrypt data – SQL Server on Linux can use TLS to encrypt data that is transmitted across a network between a client application and an instance of SQL Server. SQL Server on Linux supports the following TLS protocols: TLS 1.2, 1.1, and 1.0.
  • Machine Learning Services enhancements – In RC1, team add more model management capabilities for R Services on Windows Server, including External Library Management. The new release also supports Native Scoring.
  • SQL Server Analysis Services (SSAS)  In addition to the enhancements to SSAS from previous CTPs of SQL Server 2017, RC1 adds additional Dynamic Management Views, enabling dependency analysis and reporting.
  • SQL Server Integration Services (SSIS) on Linux  The preview of SQL Server Integration Services on Linux now adds support for any Unicode ODBC driver, if it follows ODBC specifications.
  • SQL Server Integration Services (SSIS) on Windows Server  RC1 adds support for SSIS scale out in highly available environments. Customers can now enable Always On for SSIS, setting up Windows Server failover clustering for the scale out master.

SQL Server 2017 for faster performance

SQL Server 2017 has several new benchmarks demonstrating faster performance than competitive databases, and against older versions of SQL Server:

  • The world record TPC-H 1TB nonclustered data warehousing benchmark, achieved in April 2017 using SQL Server 2017 on Red Hat Enterprise Linux and HPE Proliant DL380 Gen9 hardware.
  • A new, nonclustered TPC-H 10TB data warehousing workload benchmark achieved using SQL Server 2017 on Windows Server 2016 and Lenovo ThinkSystem SR950 hardware. At 1,336,109 QppH, this newly published benchmark is a world record.
  • A new TPC-E benchmark achieved with SQL Server 2017 running on Windows Server 2016 on a Lenovo ThinkSystem SR650, a world record for 2 socket TPC-E results.

Streamline your DevOps using SQL Server 2017

In SQL Server 2017, developers have introduced support for SQL Server on Linux-based containers, a benefit for customers using containers in development or production. They’re also working to help developers get started developing an app for SQL Server as fast as possible with installation instructions, code snippets, and other handy information.

On new microsite DevOps using SQL Server, which launched today, developers and development managers can learn how to integrate SQL Server in their DevOps tasks. Find demos, documentation, and blogs, as well as videos and conference presentations. Or, join the DevOps conversation at Gitter channels.

Customer benefits from SQL Server 2017

In fact, with Early Adoption Program, customers can develop new applications for SQL Server 2017 or add Linux support to existing applications, and get the support and end-user license agreement that they need to go into production on SQL Server right now. Here are some customers already benefitting from SQL Server 2017 on Linux:

  • Convergent Computing  A system integrator and longtime Microsoft partner, Convergent Computing was able to achieve a much faster return on server and storage hardware investments than usual by moving some tier-2 applications to inexpensive, white box servers running SQL Server 2017 on Linux.
  • dv01 – Financial technology startup dv01 started out with an open source database on a competitor cloud. But when it ran into performance and scale problems, SQL Server was able to give it 15X faster performance, plus in-database advanced analytics. And by moving to SQL Server 2017, dv01 could standardize its operating systems on Linux—all with an easy migration.

Additional information can be found at SQL Server Blog.

Chinese Hackers to Infect Servers With Hidden Miners

According to the research, 50k MS-SQL and PHPMyAdmin Windows servers around the world are infect with hidden miners by APT campaign
31 May 2019   529

The Chinese APT group injects cryptocurrency miners and rootkits into MS-SQL and PHPMyAdmin Windows servers around the world. According to specialists from Guardicore Labs, since February 2019, attackers have been able to compromise more than 50,000 servers.

Number of Infections Over Time - The Nansh0u Campaign
Number of Infections Over Time - The Nansh0u Campaign

The malicious campaign was named Nansh0u. The attackers hack Windows MS-SQL and PHPMyAdmin servers using brute-force, and then infect them with malware. Experts found 20 versions of malicious modules.

To prevent the completion of the process, the expired digital certificate of the dummy company Hangzhou Hootian Network Technology, issued by Verisign certification center, was used.

Nansh0u Campaign Attack Flow
Nansh0u Campaign Attack Flow

This campaign demonstrates once again that common passwords still comprise the weakest link in today’s attack flows. Seeing tens of thousands of servers compromised by a simple brute-force attack, we highly recommend that organizations protect their assets with strong credentials as well as network segmentation solutions.

Guardicore Team

Specialists from Guardicore Labs note that servers with unreliable credentials are in the first place at risk. To check the system for the presence of malware, experts recommend using a free script.