Re: Locking down SQL Server 2005
- From: "Uri Dimant" <urid@xxxxxxxxxxx>
- Date: Wed, 20 Sep 2006 11:49:39 +0300
Take a look at
VIEW ANY DATABASE and VIEW DEFINITION commands in the BOL
"Thomas Pauls" <Thomas Pauls@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:4EDA6956-2C8A-4BEA-AC3A-0E6AAEF6C2A3@xxxxxxxxxxxxxxxx
Microsoft says that the SQL Serve 2005 is secure by default. But what can
you
additionally do, to secure the server?
I'm thinking of turning off protocols, that are not needed (i.e. Named
Pipes), setting Windows Authentication only, enable SSL encryption,
letting
the "Surface Area Configuration for Features" features disabled or
applying
the hisecws security template on the server.
Should stored procedures, that are not needed be disabled or deleted, or
should the "BUILTIN\Administrators" Group be removed from the sysadmin
role?
As far as I know, the "Security Configuration Wizard", that came with
Windows Server 2003 SP1 has no Role for "SQL 2005".
Do you have further proposals or is there a locking down guide for SQL
Server 2005?
Thx for your Help
.
- Prev by Date: Re: Security to document databases
- Next by Date: RE: encryption optimization
- Previous by thread: Re: Security to document databases
- Next by thread: Couldn't connect to my server from client
- Index(es):
Relevant Pages
|
