SQL Server databases are increasingly used in enterprises, and security is becoming more and more prominent. In particular, since recently, a new network attack technology has rapidly become popular on the Internet, namely "SQL Injection", commonly known as "script Injection attacks ", as long as the system is targeted by criminals and the database you use is SQL Server 2000, the probability of successful intrusion is as high as 90%.
How to enhance database security? This article will introduce you to the 17 tips for protecting SQL Server 2000 database security configurations.
First, check whether the latest security patches for the operating system and SQL Server have been installed. Many hacker attacks do not steal data by exploiting SQL Server Vulnerabilities, but by operating system vulnerabilities and then entering the database.
Second, select a network protocol that considers maximum security but does not affect functionality based on the business system requirements. Such as TCP/IP protocol and named pipe.
Step 3: SQL Server's "SA" account is empty by default. Set a password that is complex enough and long enough to enhance its security. At the same time, save the password in a safe place.
Configuration method: Start → all programs → Microsoft SQL Server → enterprise manager, expand the root directory of the console, select "security", expand, and click "Log on ", you can see the SA user in the user list on the right. Double-click the SA user to change the SA user password.
The fourth step is to create a dedicated account for querying SQL Server services as a low-privilege user. Do not use LocalSystem or SA. This account should have the minimum right. For example, it can only execute Select statements and has no permission for other DDL statements.
Configuration method: Expand the root directory of the console, select "Database", and click "user". The authorized users are displayed in the user list on the right, by default, only "SA" and "Guest" Users are allowed. Double-click the created low-permission account to open the database user attributes. Select the database role to have as low permissions as possible. Open the "permission" button and grant the user the corresponding permissions. It is best to grant all Select query permissions.
Fifth, check that the SQL server system is installed in the NTFS partition and the permission control list is applied. If hackers obtain access to the database system, this layer of permission can prevent intruders from further damaging data. Windows 2000 or 2003 Server must be installed in the NTFS partition.
Configuration method: Find the SQL Server installation folder, which is installed in the "X: Program FilesMicrosoft SQL Server" directory by default. Right-click and select "properties ". Note: Do not share the "share" attribute tab. Click security. Only authorized users can access this folder.
Sixth, the Xp_cmdshell command is strictly prohibited. Restrict all accounts to operate and use XP_cmdshell. If a hacker or other malicious person has the permission to operate the command, the hacker can easily obtain the permission of the system administrator.
7. Disable object connection and embed Automated Storage programs in the business application system if you do not need them. Some Enterprise Manager functions may be lost when these storage programs are disabled. For example, DTS data import and export. Disable some registry access programs.
Note: If the stored procedures Xp_regread and xp_regwrite are deleted, some main functions, including log and SP installation, will be affected. We recommend that you retain it.
Eighth, disable remote server connection. If remote Server connection is allowed, intruders can install SQL Server on their own machines to connect to the database on your Server. This is a dangerous level of security risk.
Configuration method: Expand the console root directory, select "(Local) Windows NT", right-click, select "properties", and select the "connection" tab in the configuration window, remove the option "allow other SQL servers to remotely connect to this SQL Server using RPC. This prevents other users from using malicious connections to the database.
9. Pay attention to the physical security of the SQL Server. Irrelevant personnel are prohibited from entering the data room. The Server is locked in the cabinet, and the key security is important. As long as you have the opportunity to attack the Server, you will find a method to attack the Server.
10. In the system, many people do not have the habit of setting passwords. Users who use a blank password in the audit must use a secure password.
Use the following statements to obtain accounts that do not use a password from an existing user:
Select name, Password from syslogins where password is null
The execution result shows that four of the current passwords in the business system are empty, including the SA Superuser password.
11th users are not allowed to log on to SQL Server interactively. This rule applies to any server. Once a user can interactively enter a server, the administrator privilege may be used to obtain the administrator privilege.
Solution: Disable Remote Terminal Services and Windows 2003 Web management.
12th enable mixed-mode security authentication. By default, only audit fails are performed. We recommend that you use "SQL Server and Windows" for authentication and "all" for audit level ". "None" indicates that the review is not performed; "successful" indicates that only successful login attempts are reviewed; "failed" indicates that only failed login attempts are reviewed; "All" indicates successful and failed login attempts.
Configuration method: Expand the console root directory, select "(Local) Windows NT", right-click, select "properties", and select the "Security" tab in the configuration window, select "all" for review level to record all authentication status.
13th check SQL log files on a regular basis to retrieve information about successful logon or logon failures, so as to find any illegal intruders who have made multiple database logon attempts.
Configuration method: Expand the root directory of the console, select "manage", expand, and select "SQL Server log". In the list of windows on the right, open the selected log file with detailed records on it.
14th formulate strict Database Backup policies. This is the most important task in database management. At the same time, it can simulate possible disasters under the conditions allowed, simulate the test environment, prevent the effectiveness of data protection, reduce the probability of failure, and minimize the system disaster recovery time.
15th if conditions permit, database files and log files are stored separately on different physical storage devices. In the event of a catastrophic failure, such as hardware damage, data files and logs are stored together, there is no means to restore the data. If data is backed up and the log file is stored in another location, and the log file is not damaged, data may be recovered. Data Security Level Definition: High.
Configuration method: double-click the database file name to open the database properties. Click the "Data Files" tab to set the location where the data files are stored. Click the "transaction log" tab to set the location where the log is stored.
16th select the database fault recovery model. We recommend that you select the "full" mode.
SQL Server2000 supports three methods of database fault recovery model: simple, complete, and large-capacity log records. The advantages and disadvantages are shown in table 1.
Configuration method: select the database name, right-click and select properties, and click the "options" tab. There is a 'model' section under the fault return atom section, and select the model method to be set.
17th disable the system directory direct modification function under server behavior. If this function is enabled, you can use the extended stored procedure in the database architecture to modify files or other information in the system directory, or upload malicious code in the database architecture. This is something that everyone does not want to see. Security risk level: High.
Configuration method: Right-click the database server and select "Server Settings". In the "server behavior" field, close the "system directory for direct modification ".
The above describes the 17 methods for Security Configuration of SQL Server 2000 databases. as long as these methods are used properly, security management is not a problem.
In a simple mode, the capacity of the log files generated by the model is small for easy retrieval. If data corruption occurs, data cannot be recovered.
Large-capacity log records all database operations in the fault recovery model will be retained, and the log file will be too large. Generate a huge log file. If the data file is damaged, the data in the database can be completely restored.
The full restoration model retains all database data operations, and does not generate a moderate log file for some operation records of the database. You can also recover the database data in sufficient detail.