Contact US

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

Microsoft SQL Server: Programming FAQ

SQL Server Security

SQL Server Security Resources for DBAs and System Admins by tlbroadbent
Posted: 6 Feb 03 (Edited 5 Mar 03)

Recent SQL Server Worms and viruses have shown how vulnerable SQL Server can be. Microsoft is attempting to reduce the security holes in the product. However, the main responsibility for security lies with DBAs and system administrators. If we are administering SQL Server, we had better be well acquainted with SQL Server security.

SQL Server Books Online (SQL BOL) contains a lot of info about SQL Security.

Managing Security

However, the information in SQL BOL is not sufficient. Here are additional resources that we should bookmark and review.

SQLSecurity.com is dedicated to SQL Server security issues.

You can find the "SQL Server Security FAQ" on the site.

They also have a "SQL Server Security Checklist."

You can run a free analysis to see if your workstation or Server is vulnerable to attack.

The SANS Institute has some excellent info on SQL Security as well as some scripts you can use to check on certain security issues.

SQL Server security model and SQL Server security best practices by Narayana Vyas Kondreddi. (suggested by sguslan)

Microsoft is becoming more aggressive in addressing security and educating users.

Check the Microsoft SQL Server Website for updated security information

Resources and Tools for Checking SQL Server Security

You can download a "SQL Server 2000 Security" white paper at the following link.

A "SQL Server 7.0 Security" white paper is available at...

Microsoft Security Resources

TechNet Security

Database and SQL Server Security

Best Practices for Enterprise Security

Security Administration - SQL Operations Guide

Don't forget that MSDE is SQL Server and Can Make Workstations Vulnerable.

List of products using MSDE:

Finally, the SQLSecurity website has a list of other SQL Security sites.


The following quote is on the home page of SQLSecurity.com.

   "There is no 'patch' for stupidity."

There may not be a "patch" for stupidity but there is a "patch" for ignorance. That patch is education.

Back to Microsoft SQL Server: Programming FAQ Index
Back to Microsoft SQL Server: Programming Forum

My Archive

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close