Re: SQL Server 2000 - Service Manager
- From: "Sam Hobbs" <samuel@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 27 Dec 2005 22:52:59 -0800
"Don Grover" <dgrover@xxxxxxxxxxxxx> wrote in message
news:eXQWlQyCGHA.2596@xxxxxxxxxxxxxxxxxxxxxxx
>
> "jackwc" <jackwc@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:DD6543F9-782F-47F1-88C4-CACE6019AAFB@xxxxxxxxxxxxxxxx
>> On occasion, I will open Service Manager and I will see a Server Name
>> that I
>> do not recognize. I don't understand how it got there. The latest server
>> name
>> was USATLBMUTZ1. I am a beginner using SS2000. Is it possible for someone
>> to
>> hack their way into my local version from the outside? All I have is an
>> eval
>> version of SS2000 on my laptop. The only data on it are sample databases.
>> --
>> jackwc
>
> Assuming you have XP and are either using a router / Modem.
>
> Things that should be done.
> 1) Install XP SP2
> 2) Install all OS Updates.
> 3) Install latest SQL Service pack
> 4) Have no OS users loggins without passwords , Including Administrator
> 5) Have no SQL users loggins without passwords Including SA
> 6) If using MSSQL Mixed mode See 5
> 7) Configure XP Firewall.
> 8) Run free MS Base Line Security Analyser, (Its free) and implement any
> relevant changes.
>
> If all of the above are done then you should be resonably secure.
MBSA is an excelent suggestion; it will warn about most of the other items
when relevant.
Something else that MBSA will warn about is if the account used for SQL
Server provides too much privilege. The recomendation is to use an account
we create, right?
.
- References:
- Re: SQL Server 2000 - Service Manager
- From: Don Grover
- Re: SQL Server 2000 - Service Manager
- Prev by Date: Re: unable to run store procedure on remote server (win2k3sp1, sql2k sp4)
- Next by Date: Re: Got hacked and now cannot Generate SSPI context
- Previous by thread: Re: SQL Server 2000 - Service Manager
- Next by thread: Got hacked and now cannot Generate SSPI context
- Index(es):
Relevant Pages
|
