INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

SQL Server Security

SQL Server Security Resources for DBAs and System Admins by tlbroadbent
Posted: 6 Feb 03 (Edited 5 Mar 03)

Recent SQL Server Worms and viruses have shown how vulnerable SQL Server can be. Microsoft is attempting to reduce the security holes in the product. However, the main responsibility for security lies with DBAs and system administrators. If we are administering SQL Server, we had better be well acquainted with SQL Server security.

SQL Server Books Online (SQL BOL) contains a lot of info about SQL Security.

Managing Security
http://msdn.microsoft.com/library/en-us/adminsql/ad_security_05bt.asp

However, the information in SQL BOL is not sufficient. Here are additional resources that we should bookmark and review.

SQLSecurity.com is dedicated to SQL Server security issues.
http://www.sqlsecurity.com/

You can find the "SQL Server Security FAQ" on the site.
http://www.sqlsecurity.com/faq.asp

They also have a "SQL Server Security Checklist."
http://www.sqlsecurity.com/checklist.asp

You can run a free analysis to see if your workstation or Server is vulnerable to attack.
http://www.sqlsecurity.com/audit.asp

The SANS Institute has some excellent info on SQL Security as well as some scripts you can use to check on certain security issues.
http://rr.sans.org/win/SQL_sec.php

SQL Server security model and SQL Server security best practices by Narayana Vyas Kondreddi. (suggested by sguslan)
http://vyaskn.tripod.com/sql_server_security_best_practices.htm

Microsoft is becoming more aggressive in addressing security and educating users.

Check the Microsoft SQL Server Website for updated security information
http://www.microsoft.com/sql/default.asp

Resources and Tools for Checking SQL Server Security
http://www.microsoft.com/sql/downloads/securitytools.asp

You can download a "SQL Server 2000 Security" white paper at the following link.
http://www.microsoft.com/sql/techinfo/administration/2000/securityWP.asp

A "SQL Server 7.0 Security" white paper is available at...
http://www.microsoft.com/sql/techinfo/administration/70/securityWP.asp

Microsoft Security Resources
http://www.microsoft.com/security/default.asp

TechNet Security
http://www.microsoft.com/technet/security/default.asp

Database and SQL Server Security
http://www.microsoft.com/technet/security/prodtech/dbsql/default.asp

Best Practices for Enterprise Security
http://www.microsoft.com/technet/security/bestprac/bpent/bpentsec.asp

Security Administration - SQL Operations Guide
http://www.microsoft.com/technet/prodtechnol/sql/maintain/operate/opsguide/sqlops3.asp

Don't forget that MSDE is SQL Server and Can Make Workstations Vulnerable.

List of products using MSDE:
http://www.microsoft.com/technet/security/MSDEapps.asp

Finally, the SQLSecurity website has a list of other SQL Security sites.
http://www.sqlsecurity.com/links.asp

-----------------------------------------------

The following quote is on the home page of SQLSecurity.com.

   "There is no 'patch' for stupidity."

There may not be a "patch" for stupidity but there is a "patch" for ignorance. That patch is education.

Back to Microsoft SQL Server: Programming FAQ Index
Back to Microsoft SQL Server: Programming Forum

My Archive

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close