Re: Protecting my database

From: Mark Broadbent (nospamplease_mark.broadbent_at_virgin.net)
Date: 07/17/03 

Date: Thu, 17 Jul 2003 13:43:35 +0100

hi Tariq, this was my reply another similar question
..."unfortunately regardless of the directory security, if
the machine is stolen NTFS security can be compromised extremely easily. It
is also (with the right knowledge) possible to easily change the local
administrator password -however I will add that these 'flaws' have been life
savers to me on a few occasions.
If we are talking Windows 2K the only real way to secure the database is
firstly to encrypt the database mdf (and ldf if you want ) and secure to a
DOMAIN account (removing access to anything else). Then configure and run
the sql service under this account.
This will mean that if your laptop is stolen the domain account would need
to be cracked (which should prove a hell of a lot more difficult) in order
to de-crypt, otherwise they will remain scrambled regardless of access to
the file (which is very easy to do)." 

-- 
BR,
Mark Broadbent mcse+i, mcdba
_________________________
"Tariq" <tarekj@hotmail.com> wrote in message
news:%23BwLJ$DTDHA.3116@TK2MSFTNGP10.phx.gbl...
> Hi,
>
> I want to protect my database from being read by unauthorized people.
>
> In other words, how can I prevent MyDB.MDF from being reattached in other
> servers?
>
> Regards,
> Tarek Al-Jamal
>
>
>
>

Relevant Pages

  • Re: *** Filter rules for latest attack ***
    ... and they regardless fine ... Better stem axiss now or Tariq will wistfully anticipate them ... Try studying the interior's equal pile and ...
    (sci.crypt)
  • Re: Protecting my database
    ... but how can I encrypt the database mdf? ... > DOMAIN account (removing access to anything else). ... otherwise they will remain scrambled regardless of access to ...
    (microsoft.public.sqlserver.security)