Securing SQL Server
Protecting Your Database from Attackers
- 1st Edition - December 27, 2010
- Author: Denny Cherry
- Language: English
- eBook ISBN:9 7 8 - 1 - 5 9 7 4 9 - 6 2 6 - 1
Securing SQL Server: Protecting Your Database from Attackers provides readers with the necessary tools and techniques to help maintain the security of databases within their… Read more
Securing SQL Server: Protecting Your Database from Attackers provides readers with the necessary tools and techniques to help maintain the security of databases within their environment. It begins with a discussion of network security issues, including public versus private IP addresses; accessing an SQL server from home; physical security; and testing network security. The remaining chapters cover database encryption; SQL password security; SQL injection attacks; database backup security; security auditing; and server rights. The Appendix features checklists that database administrators can use to pass external audits.
- Named a 2011 Systems Administration Book by InfoSec Reviews
- Author Denny Cherry is an MVP by Microsoft for his expertise in the SQL Server product
- Learn expert techniques to protect your SQL database environment
- Discover how to identify what an intruder accessed or damaged
Systems Administrators, Database Administrators, Application Developers, IT Managers
Dedication
Acknowledgments
Author Bio
Introduction
Chapter 1 Securing the Network
Securing the Network
Public IP Addresses versus Private IP Addresses
Accessing SQL Server from Home
Physical Security
Social Engineering
Finding the Instances
Testing the Network Security
Summary
Chapter 2 Database Encryption
Database Encryption
Encrypting Data within Tables
Encrypting Data at Rest
Encrypting Data on the Wire
Encrypting Data with MPIO Drivers
Encrypting Data via HBAs
Summary
Chapter 3 SQL Password Security
SQL Server Password Security
Strong Passwords
Encrypting Client Connection Strings
Application Roles
Using Windows Domain Policies to Enforce Password Length
Summary
Chapter 4 Securing the Instance
What to Install, and When?
SQL Authentication and Windows Authentication
Password Change Policies
Auditing Failed Logins
Renaming the SA Account
Disabling the SA Account
Securing Endpoints
Stored Procedures as a Security Measure
Minimum Permissions Possible
Linked Servers
Using Policies to Secure Your Instance
SQL Azure Specific Settings
Instances That Leave the Office
Summary
Chapter 5 Additional Security for an Internet Facing SQL Server and Application
SQL CLR
Extended Stored Procedures
Protecting Your Connection Strings
Database Firewalls
Clear Virtual Memory Pagefile
User Access Control (UAC)
Other Domain Policies to Adjust
Reporting Services
Summary
Chapter 6 SQL Injection Attacks
What Is an SQL Injection Attack?
Why Are SQL Injection Attacks So Successful?
How to Protect Yourself from an SQL Injection Attack
Cleaning Up the Database After an SQL Injection Attack
Summary
Chapter 7 Database Backup Security
Overwriting Backups
Media Set and Backup Set Passwords
Backup Encryption
Transparent Data Encryption
Compression and Encryption
Offsite Backups
Summary
Chapter 8 Auditing for Security
Login Auditing
Data Modification Auditing
Data Querying Auditing
Schema Change Auditing
Using Policy-Based Management to Ensure Policy Compliance
C2 Auditing
Common Criteria Compliance
Summary
Chapter 9 Server Rights
OS Rights Needed by the SQL Server Service
OS Rights Needed by the DBA
OS Rights Needed to Install Service Packs
OS Rights Needed to Access SSIS Remotely
Console Apps Must Die
Default Sysadmin Rights
Vendor’s and the Sysadmin Fixed-Server Role
Summary
Appendix A: External Audit Checklists
Index
- Edition: 1
- Published: December 27, 2010
- Language: English
DC
Denny Cherry
Denny Cherry (MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5. In 2009, Denny was named as a Microsoft MVP for the Microsoft SQL Server product, and in 2011 Denny earned the Microsoft Certified Master certification for SQL Server 2008. Denny has written dozens of articles for a variety of websites as well as print magazines on a variety of subjects including SQL Server, Clustering, Storage Configuration, and SharePoint.
Affiliations and expertise
(MCSA, MCDBA, MCTS, MCITP, MCM) has been working with Microsoft technology for over 15 years starting with Windows 3.51 and SQL Server 6.5.Read Securing SQL Server on ScienceDirect