Archive for March, 2009

Fix for a hanging server after shutdown in rdp session…

March 25th, 2009 No comments

One of my least favorite, and recurring, issues with Windows is one that pops up all the time where you try to reboot a server while you are in a remote desktop session; the RDP session will end but the server never reboots.  In my experience this only happens when you reboot within a normal RDP session, but if you are logged in with the /console or /admin switch it will work fine.  This fix is relatively old, but it is one that is not talked about very frequently.  This can also happen if you are logged into a regular RDP session and are trying to run Windows Updates.

This problem is a result of deadlocks occurring between the NTFS shutdown process and disk resource access.  Usually, your server will remain online responding to ping when this happens, and you can even get into computer management, remote registry, and other things remotely.  Getting back into the server through RDP however does not work because terminal services is already shutting down.  You can read more about this at the link below for the KB article.

Without this fix your options are limited to bring the server down gracefully, in fact many people would just do a hard reset from the power button to finish the reboot.  You can however issue a remote shutdown command from the command line.  Simply run “shutdown /r /t 5 /m \\computer_name” without the quotes to reboot the machine in question.  Make sure you don’t forget the /m switch otherwise you will end up rebooting your own machine.  /t is for the time to wait before shutting down and you can use 0 if you like to shutdown immediately, but this doesn’t give you a chance to send an abort (/a) if you enter the wrong server accidentally. You can also issue “shutdown /i” without the quotes to get the interactive dialog which will let you enter a list of servers to reboot and a few other options.

The Microsoft patch for this can be acquired from the following page:

Note: This does not solve the problem every single time.  I have seen the issue occur even after applying this patch, but it seems to fix the problem for the vast majority.

The problem with SQL Injection…

March 23rd, 2009 No comments

Oh yes, Little Bobby Tables we call him.

I know it’s an old comic, but XKCD really hit the nail on the head with this one.  It is something that I deal with on a regular basis and I think there are a lot of people out there who still don’t really understand the concept of SQL Injection, how it works, and how to get away from it.  While working with a client who fell victim to a SQL Injection attack on their website, I wrote some information for them to take and use as reference for what SQL Injection is, how to prevent it, and what to do about it when it happens.  I have generalized that info and hopefully it can help some others.
Read more…

Categories: SQL Tags: , , , , ,