Hacking a SQL Server is always a talking point when we discuss the implementation of a SQL Server. Read this for more information, which was written by Joel Scambray and Stuart McClure: http://www.eeproductcenter.com/analog/review/showArticle.jhtml?articleID=162100375
The issue here is administrators and application programmers who have no concept of security. This is not a SQL Server issue. Build a non-secure interface or use high-privilege accounts with weak passwords and you are asking for trouble, be it SQL Server or any other database or backend system.
Dear Sir, If we don't have a password for "SA" or have a weak password, and any single machine is accessing the Internet outside, then a hacker can perform SQL INJECTION... so the best practice is to have a strong password and stay behind a firewall, and, most important, restrict outbound connections from the SQL port (1433, or better, change the port) outside the LAN. hsGoswami ghemant@gmail.com
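The points raised in the post above (blank or weak sa password, the well-known port 1433, who else holds sysadmin) can be audited from inside the instance. The following T-SQL is an added example, not code from this thread or from the linked articles; it assumes a SQL Server 2012 or later instance (for sys.dm_tcp_listener_states), a sysadmin connection, and uses a placeholder password and a placeholder rename target that you must replace:

```sql
-- Added audit example (not from the thread). Run as sysadmin.

-- 1. SQL logins whose password is blank or equal to the login name.
--    PWDCOMPARE() returns 1 when the clear-text candidate matches the stored hash.
SELECT name,
       is_disabled,
       CASE WHEN PWDCOMPARE('', password_hash) = 1   THEN 'BLANK PASSWORD'
            WHEN PWDCOMPARE(name, password_hash) = 1 THEN 'PASSWORD = LOGIN NAME'
            ELSE 'ok' END AS password_check,
       is_policy_checked,      -- 0 means the Windows password policy is not enforced
       is_expiration_checked
FROM sys.sql_logins
ORDER BY name;

-- 2. Is SQL (mixed-mode) authentication enabled at all? 1 = Windows authentication only.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 3. Which TCP ports the instance actually listens on; 1433 here means the default is still in use.
SELECT ip_address, port, state_desc
FROM sys.dm_tcp_listener_states
WHERE type_desc = 'TSQL';

-- 4. Every sysadmin member is as powerful as sa, so list them all.
SELECT sp.name, sp.type_desc, sp.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS sp ON sp.principal_id = rm.member_principal_id
JOIN sys.server_principals AS r  ON r.principal_id  = rm.role_principal_id
WHERE r.name = 'sysadmin';

-- 5. Remediation for the sa account: strong password with policy enforced,
--    then disable and rename it so the well-known name is no longer a valid target.
--    '<strong-random-password-here>' and [sa_renamed_placeholder] are placeholders (assumption).
ALTER LOGIN sa WITH PASSWORD = '<strong-random-password-here>', CHECK_POLICY = ON;
ALTER LOGIN sa DISABLE;
ALTER LOGIN sa WITH NAME = [sa_renamed_placeholder];
```

Query 3 only tells you what the instance listens on; the firewall rule that blocks that port to and from outside the LAN, which the post also asks for, is host or network configuration and is not something T-SQL can set.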
Not only that, there are a few more things to do: http://vyaskn.tripod.com/sql_server_security_best_practices.htm. For comprehensive security in SQL Server, look at http://www.sqlsecurity.com/DesktopDefault.aspx