Re: how to determine which user changed permission?

From: Hari Prasad (hari_prasad_k_at_hotmail.com)
Date: 08/16/05

• Next message: Julia: "Re: Permission"
• Previous message: i-DLT: "Re: how to determine which user changed permission?"
• In reply to: i-DLT: "Re: how to determine which user changed permission?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 16 Aug 2005 13:49:36 +0530

Hi,

If you enable the C2 Auditing please monitor your hard drive very closely.
Since C2 Audit will audit all actions in backend and wil cause
the trace file to grow heavily. THis will eat your hard drive and can even
cause downtime if you direct the trace file
to either data drive or system drive. So it is always good to allways direct
the trace to a un-used drive.

Thanks
Hari
SQL Server MVP

"i-DLT" <iDLT@discussions.microsoft.com> wrote in message
news:C5DE8B75-5C3F-4DE3-87CC-9EEAA3786FCE@microsoft.com...
> Thx I downloaded LogPI Demo and will try to pinpoint where the security
> leak
> is coming from. I also will turn on C2 Auditing on all of my instances.
>
> Thx Mike
>
> "Mike Epprecht (SQL MVP)" wrote:
>
>> Hi
>>
>> Unless you are running full transaction logging, and have the logs backed
>> up, you can't use any tools like LogPi www.lop.pi and Log Explorer
>> http://www.lumigent.com/products/le_sql.html to view what happened.
>>
>> Regards
>> --------------------------------
>> Mike Epprecht, Microsoft SQL Server MVP
>> Zurich, Switzerland
>>
>> IM: mike@epprecht.net
>>
>> MVP Program: http://www.microsoft.com/mvp
>>
>> Blog: http://www.msmvps.com/epprecht/
>>
>> "i-DLT" <iDLT@discussions.microsoft.com> wrote in message
>> news:11DF54D1-127C-4053-8EA4-3FE665BF4B0D@microsoft.com...
>> >I have a problem administering my sql server security, I suspect there
>> >are
>> > several users with excessive permissions and they themselves are
>> > granting
>> > and
>> > modifying permissions for other users, the problem is that I am not
>> > running
>> > in C2 Audit mode, is there any other way to check which users have
>> > modified
>> > permissions for other users in, lets say the last month or so?
>> >
>> >
>>
>>
>>

---

• Next message: Julia: "Re: Permission"
• Previous message: i-DLT: "Re: how to determine which user changed permission?"
• In reply to: i-DLT: "Re: how to determine which user changed permission?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Action tracking ... Unless you are either running a trace, have c2 auditing, ... have some trigger mechanism to sort who did what and when, ... (microsoft.public.sqlserver.server) Re: Auditing ... If you use the feature in Enterprise Manager for Audit ... Profiler or a server trace. ... trace file. ... Stored Procedure to Create a SQL Server 2000 Blackbox ... (microsoft.public.sqlserver.security) Re: Only Bytecode, No .py Files ... We are seeing huge numbers of Linux audit messages ... your trace isn't showing attempts to open .py ... it's showing attempts to open the Curses library in the bash ... (comp.lang.python) Re: Setting up Trace in SQL ... > The company has a policy and states that we have to audit> our databases. ... >>SQL Server MVP ... But supposed if I were to re-start the DB, the>>> audit does not kick off at all coz the trace files still ... (microsoft.public.sqlserver.security) Best Practices for Auditing ... We would like to audit some sensitive information, ... sys admin role and we want to limit the ability of the sys ... trace, removing records from the trace, etc.), my ... (microsoft.public.sqlserver.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.sqlserver.security  > 2005-08