Securing SQL Server
Protecting Your Database from Attackers
By Denny Cherry (MCSA, MCDBA, MCTS, MCITP, MCM), who has been working with Microsoft technology for over 15 years, starting with Windows 3.51 and SQL Server 6.5.
There is a lot at stake for administrators taking care of servers, since they house sensitive data like credit cards, social security numbers, medical records, and much more. In Securing SQL Server you will learn about the potential attack vectors that can be used to break into your SQL Server database, and how to protect yourself from these attacks. Written by a Microsoft SQL Server MVP, the book shows you how to properly secure your database from both internal and external threats. Best practices and specific tricks employed by the author are also revealed. Learn expert techniques to protect your SQL database environment.
Published: January 2011
Imprint: Syngress
ISBN: 978-1-59749-625-4
Reviews
"Denny Cherry is what would happen if Bill Gates and AC/DC got together to create a sibling. He's a bare-knuckles, no-holds-barred technologist, and you can bet that if he tells you that something does or doesn't work, he's speaking from experience. Active in the community, his passion is sharing. You'll enjoy this book." -Buck Woody, Senior Technology Specialist, Microsoft

"Securing SQL Server is a must read for any architect or database administrator wanting to secure their SQL Servers. Given the sensitive data that SQL Servers could hold, it is vital that one understands the potential attacks and how to protect yourself from them. This is the book to help you understand." -InfoSecReviews Book Awards
Contents
Chapter 1: Securing the Network
Securing the Network
Public IP Addresses vs. Private IP Addresses
Accessing SQL Server from Home
Physical Security
Social Engineering
Finding the instances
Testing the Network Security
Summary
References

Chapter 2: Database Encryption
Database Encryption
Encrypting Data within Tables
Encrypting Data at Rest
Encrypting Data on the Wire
Encrypting Data with MPIO Drivers
Encrypting Data via HBAs
Summary
References

Chapter 3: SQL Password Security
SQL Server Password Security
Strong Passwords
Encrypting Client Connection Strings
Application Roles
Using Windows Domain Policies to Enforce Password Length
Summary
References

Chapter 4: Securing the Instance
What to install and when
SQL Authentication and Windows Authentication
Password change policies
Auditing failed logins
Renaming the sa account
Disabling the sa account
Securing Endpoints
Stored Procedures as a security measure
Minimum Permissions Possible
Linked Servers
Using Policies to secure your instance
SQL Azure Specific Settings
Instances that leave the office
Summary

Chapter 5: Additional Security for an Internet Facing SQL Server and Application
SQL CLR
Extended Stored Procedures
Protecting your connection strings
Database Firewalls
Clear virtual memory pagefile
User Access Control (UAC)
Other domain policies to adjust
Reporting Services
Summary

Chapter 6: SQL Injection Attacks
What is a SQL Injection Attack?
Why are SQL Injection Attacks so Successful?
How to Protect Yourself from a SQL Injection Attack
Cleaning Up the Database After a SQL Injection Attack
Summary
References

Chapter 7: Database Backup Security
Overwriting Backups
Media Set and Backup Set Passwords
Backup Encryption
Transparent Data Encryption
Compression and Encryption
Offsite Backups
Summary
References

Chapter 8: Auditing for Security
Login Auditing
Data Modification Auditing
Data Querying Auditing
Schema Change Auditing
Using Policy Based Management to ensure policy Compliance
C2 Auditing
Common Criteria Compliance
Summary
References

Chapter 9: Server Rights
OS Rights needed by the SQL Server Service
OS Rights needed by the DBA
OS Rights needed to install Service Packs
OS Rights needed to access SSIS remotely
Console Apps Must Die
Default sysadmin rights
Vendors and the sysadmin fixed server role
Summary

Appendix A: External Audit Checklists
PCI DSS
Sarbanes-Oxley
HIPPA
Summary
References

