Free Newsletters:
DatabaseDaily  
 		Database Journal
Search Database Journal:
 
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» DBA Jobs
» Sitemap
News Via RSS Feed


follow us on Twitter




Database Journal |DBA Support |SQLCourse |SQLCourse2

Featured Database Articles

MS SQL

May 6, 1999

SQL Server Security Top 10

By Guy van den Berg

Heres the real basics, how to stop up all the little holes, at the very least you should:

  1. NEVER leave the sa passwd blank!
  2. Using Integrated security - to enforce passwd policies such as min length and reuse.
  3. Abstract the users - a level by only allowing stored procedures to access tables.
  4. Use views - to further abstract the users if possible.
  5. Use only Integrated Security and Named Pipes where ever possible.
  6. Avoid TCP/IP - if at all possible.
  7. Disable stored procedures - such as xp_cmdshell.
  8. Learn the difference - between logins and users and remove as many rights from guest as possible.
  9. Enforce - a security policy and audit levels.
  10. Change the default database - from master to something else.

Copyright ) 1998-99 G.h.van den Berg. All rights reserved.
These pages may not be resold or redistributed without prior written permission from Guy van den Berg

MS SQL Archives
Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 




Latest Forum Threads
MS SQL Forum
Topic By Replies Updated
SQL 2005: SSIS: Error using SQL Server credentials poverty 3 August 17th, 07:43 AM
Need help changing table contents nkawtg 1 August 17th, 03:02 AM
SQL Server Memory confifuration bhosalenarayan 2 August 14th, 05:33 AM
SQL Server – Primary Key and a Unique Key katty.jonh 2 July 25th, 10:36 AM