COVID-19 Update: We are currently shipping orders daily. However, due to transit disruptions in some geographies, deliveries may be delayed. To provide all customers with timely access to content, we are offering 50% off Science and Technology Print & eBook bundle options. Terms & conditions.
Securing SQL Server - 1st Edition - ISBN: 9781597496254, 9781597496261

Securing SQL Server

1st Edition

Protecting Your Database from Attackers

Author: Denny Cherry
eBook ISBN: 9781597496261
Paperback ISBN: 9781597496254
Imprint: Syngress
Published Date: 31st January 2011
Page Count: 272
Sales tax will be calculated at check-out Price includes VAT/GST
Price includes VAT/GST

Institutional Subscription

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.


Securing SQL Server: Protecting Your Database from Attackers provides readers with the necessary tools and techniques to help maintain the security of databases within their environment. It begins with a discussion of network security issues, including public versus private IP addresses; accessing an SQL server from home; physical security; and testing network security. The remaining chapters cover database encryption; SQL password security; SQL injection attacks; database backup security; security auditing; and server rights. The Appendix features checklists that database administrators can use to pass external audits.

Key Features

  • Named a 2011 Systems Administration Book by InfoSec Reviews
  • Author Denny Cherry is an MVP by Microsoft for his expertise in the SQL Server product
  • Learn expert techniques to protect your SQL database environment
  • Discover how to identify what an intruder accessed or damaged


Systems Administrators, Database Administrators, Application Developers, IT Managers

Table of Contents



Author Bio


Chapter 1 Securing the Network

Securing the Network

Public IP Addresses versus Private IP Addresses

Accessing SQL Server from Home

Physical Security

Social Engineering

Finding the Instances

Testing the Network Security


Chapter 2 Database Encryption

Database Encryption

Encrypting Data within Tables

Encrypting Data at Rest

Encrypting Data on the Wire

Encrypting Data with MPIO Drivers

Encrypting Data via HBAs


Chapter 3 SQL Password Security

SQL Server Password Security

Strong Passwords

Encrypting Client Connection Strings

Application Roles

Using Windows Domain Policies to Enforce Password Length


Chapter 4 Securing the Instance

What to Install, and When?

SQL Authentication and Windows Authentication

Password Change Policies

Auditing Failed Logins

Renaming the SA Account

Disabling the SA Account

Securing Endpoints

Stored Procedures as a Security Measure

Minimum Permissions Possible

Linked Servers

Using Policies to Secure Your Instance

SQL Azure Specific Settings

Instances That Leave the Office


Chapter 5 Additional Security for an Internet Facing SQL Server and Application


Extended Stored Procedures

Protecting Your Connection Strings

Database Firewalls

Clear Virtual Memory Pagefile

User Access Control (UAC)

Other Domain Policies to Adjust

Reporting Services


Chapter 6 SQL Injection Attacks

What Is an SQL Injection Attack?

Why Are SQL Injection Attacks So Successful?

How to Protect Yourself from an SQL Injection Attack

Cleaning Up the Database After an SQL Injection Attack


Chapter 7 Database Backup Security

Overwriting Backups

Media Set and Backup Set Passwords

Backup Encryption

Transparent Data Encryption

Compression and Encryption

Offsite Backups


Chapter 8 Auditing for Security

Login Auditing

Data Modification Auditing

Data Querying Auditing

Schema Change Auditing

Using Policy-Based Management to Ensure Policy Compliance

C2 Auditing

Common Criteria Compliance


Chapter 9 Server Rights

OS Rights Needed by the SQL Server Service

OS Rights Needed by the DBA

OS Rights Needed to Install Service Packs

OS Rights Needed to Access SSIS Remotely

Console Apps Must Die

Default Sysadmin Rights

Vendor’s and the Sysadmin Fixed-Server Role


Appendix A: External Audit Checklists



No. of pages:
© Syngress 2011
31st January 2011
eBook ISBN:
Paperback ISBN:

About the Author

Denny Cherry

Denny Cherry (MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5. In 2009, Denny was named as a Microsoft MVP for the Microsoft SQL Server product, and in 2011 Denny earned the Microsoft Certified Master certification for SQL Server 2008. Denny has written dozens of articles for a variety of websites as well as print magazines on a variety of subjects including SQL Server, Clustering, Storage Configuration, and SharePoint.

Affiliations and Expertise

(MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5.


Best Systems Administration Books 2011, InfoSec Reviews


"Denny Cherry is what would happen if Bill Gates and AC/DC got together to create a sibling. He’s a bare-knuckles, no holds-barred technologist, and you can bet that if he tells you that something does or doesn’t work, he’s speaking from experience. Active in the community, his passion is sharing. You’ll enjoy this book."

-Buck Woody, Senior Technology Specialist, Microsoft


"Securing SQL Server is a must read for any architect or database administrator wanting to secure their SQL Servers. Given the sensitive data that SQL Servers could hold, it is vital that one understands the potential attacks and how to protect yourself from them. This is the book to help you understand."

-InfoSecReviews Book Awards

Ratings and Reviews