Re: Security Questions(s)

From: Mary Chipman (mchip@nomail.please)
Date: 02/14/03

• Next message: Mary Chipman: "Re: Using database roles for security"
• Previous message: Adam Kinney: "External Access to an SQL Server"
• In reply to: djc: "Security Questions(s)"
• Next in thread: djc: "Re: Security Questions(s)"
• Reply: djc: "Re: Security Questions(s)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Mary Chipman <mchip@nomail.please>
Date: Fri, 14 Feb 2003 11:54:16 -0500

 Access security is easily breached. A google search will turn up both
code and services where you can pay a nominal fee to bypass it. You
should ALWAYS use security on the server unless you really don't care
and are only looking to deter the ignorant and unmotivated.

Here's some free resources to help get you started securing your SQL
Server:
http://www.microsoft.com/sql/techinfo/administration/2000/security/securingsqlserver.asp
http://www.microsoft.com/sql/downloads/securitytools.asp
http://www.microsoft.com/sql/techinfo/administration/2000/securityWP.asp
http://www.sqlsecurity.com/

-- Mary
Microsoft Access Developer's Guide to SQL Server
http://www.amazon.com/exec/obidos/ASIN/0672319446

On Wed, 12 Feb 2003 07:59:08 -0500, "djc"
<david.copenhaver@hesstech.com> wrote:

>subject: database security: access mdw files verses SQL server
>authentication (either sql or windows integrated)
>
>current database setup: MS access2002 front-end forms and backend tables.
>security: mdw file.
>
>1. We are going to move the 'backend' of our database into SQL server 2000
>and keep the frontend forms in Access2002. Should we change to SQL Server's
>security mechanisms or stick with the access mdw files?
>
>2. What are the basic differences between SQL security and Access .mdw file
>security?
>
>3. Is using mdw files a reasonable method for security when the backend
>tables are in SQL Server?
>
>any help is greatly appreciated,
>Thanks.
>
>

---

• Next message: Mary Chipman: "Re: Using database roles for security"
• Previous message: Adam Kinney: "External Access to an SQL Server"
• In reply to: djc: "Security Questions(s)"
• Next in thread: djc: "Re: Security Questions(s)"
• Reply: djc: "Re: Security Questions(s)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: SQL Slammer doing the rounds again? ... SQL Slammer doing the rounds again? ... "I used to hate writing assignments, ... > Security Business Unit ... > at the largest, most highly-anticipated industry ... (Incidents) Re: sql injection query ... escapes the values so this alone greatly enhances security. ... there was a post here a while ago about Validating SQL ... these regex's were very good] so he had no worries about Injection. ... wanted to know if I call a storedprocedure like this I would be similarly ... (microsoft.public.dotnet.framework.adonet) TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-03 ... TeamSHATTER Security Advisory ... SQL Injection in Oracle Enterprise Manager (advReplicationAdmin) ... This vulnerability allows to execute SQL ... (Bugtraq) [Full-disclosure] TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE ... TeamSHATTER Security Advisory ... SQL Injection in Oracle Enterprise Manager ... This vulnerability allows to execute SQL statements in the ... (Full-Disclosure) [Full-disclosure] TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin ... TeamSHATTER Security Advisory ... SQL Injection in Oracle Enterprise Manager (advReplicationAdmin) ... This vulnerability allows to execute SQL ... (Full-Disclosure)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.sqlserver.security  > 2003-02