Re: Extended Stored PRocedures

From: Stephajn Craig (s.craig_at_NOSPAMfunsunvacations.com)
Date: 06/17/03

Next message: Wm. Scott Miller: "Change from LocalSystem to Account"
Previous message: Bronek Kozicki: "Re: sqlservr.exe unusual activity"
In reply to: Jasper Smith: "Re: Extended Stored PRocedures"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 17 Jun 2003 09:55:59 -0600

Thanks Jasper! Those helped a LOT!

--
Stephajn Craig
"Jasper Smith" <jasper_smith9@hotmail.com> wrote in message
news:u1uh#LENDHA.2200@TK2MSFTNGP11.phx.gbl...
> As Service/packs security hotfixes have come out post SP2 things
> have improved a lot from vanilla SP2 and previous. A plain SP2
> server is horendously vulnerable I'd agree.
>
> This lockdown script is a good start
> http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=4&tabid=12
> also the list here (about halfway down)
> http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=3&tabid=4
>
> Be aware that some of those in the second link are used by Enterprise
> Manager and so some functionality may be lost however this does not
> affect the functioning of SQL Server. How far you want to take it is up
> to you but please do test first :-)
>
> --
> HTH
>
> Jasper Smith (SQL Server MVP)
>
> I support PASS - the definitive, global
> community for SQL Server professionals -
> http://www.sqlpass.org
>
> "Stephajn Craig" <s.craig@NOSPAMfunsunvacations.com> wrote in message
> news:eNCwq2CNDHA.1072@TK2MSFTNGP11.phx.gbl...
> There are a number of stored procedures I cannot believe Microsoft enabled
> public access to by default.  Things like the xp_readerrorlog procedure
> allows a user to read a file of their choosing on the server!
>
> So how can I know which Extended Stored Procedures are absolutely
necessary
> and which ones I can safely disable access to or remove altogether.
>
> Thanks for any pointers in advance.
>
> --
> Stephajn Craig
>
>
>

Next message: Wm. Scott Miller: "Change from LocalSystem to Account"
Previous message: Bronek Kozicki: "Re: sqlservr.exe unusual activity"
In reply to: Jasper Smith: "Re: Extended Stored PRocedures"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Microsoft SQL Server 2005 SP2 Issue
... An issue was recently discovered with SQL Server 2005 SP2 which might impact ... primarily for customers who use cleanup tasks in maintenance plans and SQL ...
(microsoft.public.sqlserver.tools)
Microsoft SQL Server 2005 SP2 Issue
... An issue was recently discovered with SQL Server 2005 SP2 which might impact ... primarily for customers who use cleanup tasks in maintenance plans and SQL ...
(microsoft.public.sqlserver.setup)
Re: Maintenance Plan Changes in SQL Server 2005 SP2
... SP2 that affects existing cleanup tasks until updated using SQL Server SP2 ... You are affected if you use SQL Server 2005 maintenance plans, ... include a History Cleanup Task or a Maintenance Cleanup Task, ...
(microsoft.public.sqlserver.tools)
Re: Maintenance Plan Changes in SQL Server 2005 SP2
... SP2 Maintenance Plans still create SSIS packages. ... SP2 that affects existing cleanup tasks until updated using SQL Server ... You are affected if you use SQL Server 2005 maintenance plans, those plans include a History Cleanup Task or a Maintenance Cleanup Task, and you install SQL Server 2005 SP2. ...
(microsoft.public.sqlserver.tools)
RE: Determining AS 2005 Version/Edition
... I will try upgrading to SP2. ... Summary pane of SQL Server 2005 to the property menu of the server ... regional support phone numbers. ... Microsoft Online Community Support ...
(microsoft.public.sqlserver.olap)