Re: Best practise for SQL Server 2000 Security

From: John Bell (jbellnewsposts_at_hotmail.com)
Date: 09/25/04 

Date: Sat, 25 Sep 2004 20:35:56 +0100

Hi

Most security issues are implemented when installing the server as when you
create the databases security should be an intrinsic part of their creation.
Once installed you should always be looking at patches and monitoring for
possible breaches.

Security is not only a database issue, but also a
server/domain/company/staff issue and you should make sure that you are
co-ordinated with all the different people in your organisation and not only
concentrating on the one area.

These links may help:
http://www.sqlsecurity.com/DesktopDefault.aspx?tabindex=0&tabid=1
http://www.microsoft.com/security/default.mspx

John

"Jos" <josnospambranders@fastmail.fm> wrote in message
news:OkAzX6toEHA.596@TK2MSFTNGP11.phx.gbl...
> Who can give me a simple checklist to follow (best practices for security)
> when
> 1) Setting up a SQL Server
> 2) Setting up a new database
>
> I mean: right after installing a server or a database,
> do you systematically take additional security measures?
>
> I'm using books to teach myself about SQL Server, but these
> best practices are something you rarely find in books.
> I found a list here:
>
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sp3sec04.mspx
> but I really would like to hear from you, what you do in
> "every day" SQL Server administration.
>
> Thanks in advance,
>
> --
>
> Jos
>
>

Relevant Pages

  • Re: number of critical errors occurred on SBS 2003
    ... SharePoint 3 has been around for a while for SBS, and if it were installing with the database security defaulting to an incorrect setting, that would be well known by now. ... I would check all the installation docs and the release notes, but I would assume the security is correct unless you find written documentation to the contrary. ... mode of the SQL Server in regards to event ID: ...
    (microsoft.public.windows.server.sbs)
  • Re: SceCli Error 1202 filling up the Event Log!
    ... > after restarting the Win2003 server, the secedit.sdb database does not get ... >>> security database and have it recreated. ... >>> configuration\windows settings\security settings, you should inventory ...
    (microsoft.public.win2000.advanced_server)
  • Re: iis config
    ... IISlockdown including URLscan and hfnetchk and signing up for the microsoft ... security patches newsletter and installing patches as soon as they come out] ... If you're planning on doing your own security, ... on your server, this may be a false alarm. ...
    (microsoft.public.inetserver.iis.security)
  • RE: Script for find dominos users
    ... The key lies in the fact that Domino web servers will ... "404" nonexistent URI if the database does not. ... Choose not to allow email through the web (Application Security, ... server's server document. ...
    (Bugtraq)
  • Re: hardware firewall
    ... >> comment was about firewalls and security based on his question. ... he wanted to limit the connections to his Windows development web server ... month and am installing over $328K worth of them next week. ... >> I would assume, from your comment, that you've never run a Windows based ...
    (comp.security.misc)