Re: Creating a checklist for SQL Server 2000

This should help.

There are a variety of pretty good checklists and tools (which autocheck the settings mentioned in the checklist) available from NIST/DOD

Checklist Homepage http://iase.disa.mil/stigs/stig/index.html
Download Package http://iase.disa.mil/stigs/checklist/database-stig-v7r2.pdf

justin.ross
CCNA, MCSE, CCSE, CISSP

"Pranav Lal" <pranav.lal@xxxxxxxxx> 2/22/2007 2:50:40 AM >>>
Hi all,

I have been asked to get a checklist for SQL server 2000. I have found
material at the following locations;
http://www.nsa.gov/snac/db/mssql_2k.pdf
http://msdn2.microsoft.com/en-us/library/aa302337.aspx
http://www.sans.org/reading_room/whitepapers/application/1273.php?portal=3323855d672e12e0e1e53f32fb3f15af

I find that SQL server security is highly integrated with the
operating system so a separate SQL server 2000 only checklist is
almost meaningless. Am I on the right track? The problem is that the
client wants to see a "checklist" and consequently so does my boss.
So, are there any checklists out there or do I have to carry out some
kind of rephrasing exercise on material from the above links?

Pranav

---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------





---------------------------------------------------------------------------
This list is sponsored by: BigFix

If your IT fails, you're out of business - or worse. Arm your
enterprise with BigFix, the single converged IT security and operations
engine. BigFix enables continuous discovery, assessment, remediation,
and enforcement for complex and distributed IT environments in real-time
from a single console.
Think what's next. Think BigFix.

http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/
---------------------------------------------------------------------------

Relevant Pages

  • Creating a checklist for SQL Server 2000
    ... I have been asked to get a checklist for SQL server 2000. ... operating system so a separate SQL server 2000 only checklist is ... are there any checklists out there or do I have to carry out some ... Arm your enterprise with BigFix, the single converged IT security and operations engine. ...
    (Security-Basics)
  • RE: Creating a checklist for SQL Server 2000
    ... Yes, you are on the right track, where possible use Windows and not SQL ... Better Ideas for IT Risk & Security Mgt. ... are there any checklists out there or do I have to carry out some kind ... BigFix ...
    (Security-Basics)
  • RE: Vulnerability Assessment Checklists?
    ... you did not have access to the Internal network. ... Subject: Vulnerability Assessment Checklists? ... I've finished my Security+, and am almost through my Security Certified ... I'm looking for some basic tips and resources (checklists or templates?) ...
    (Security-Basics)
  • Re: Security for my notebook on public wireless
    ... there's the security documents from SANS: ... Lots of checklists and articles to dig through. ... I missed on about half of the security tests. ... but the latest greated update, fix, utility, or spyware you've ...
    (alt.internet.wireless)
  • Re: [fw-wiz] PCI DSS & Firewalls
    ... Security Technical Implementation Guide? ... checklists (there are checklists in ... Finding - You have more than one user in the Administrators group on the ... Finding - You do not have a backup Administrator account on the machine. ...
    (Firewall-Wizards)