SQL Server 2000 Security Settings

Microsoft's SQL Server is a widely used database. Many e-commerce websites and enterprise internal information platforms are built on SQL Server, yet most administrators assume that as long as the network and operating system are secured, every application running on them is secure as well. Most system administrators are not familiar with databases, and database administrators pay little attention to security. In addition, some security companies ignore database security, which makes the problem worse. Security vulnerabilities and improper configuration in a database system usually have serious consequences and are difficult to detect. Database applications are usually closely tied to the highest-privileged administrator of the operating system. SQL Server listens on a network port, which means that anyone can use analysis tools to try to connect to the database directly, bypassing the operating system's security mechanisms, and then break into the system, destroy or steal data, or even take down the entire system.

Here we discuss the security configuration of the SQL Server 2000 database and some related security and usage issues. Before configuring SQL Server 2000 security, secure the operating system itself so that it is in a safe state. Then perform the necessary security audits on the database software (programs) you want to use, such as ASP and PHP scripts. This is a common security risk for many database-backed web applications: the main problem in the scripts is filtering. They need to filter characters such as ' ; @ / to prevent attackers from constructing malicious SQL statements. After installing SQL Server 2000, install the SP1 patch and the latest SP2. After completing the above three steps, we can discuss the security configuration of SQL Server itself.

1. Use a secure password policy. We put the password policy as the first step of all security configuration.
Note that many database account passwords are too simple, just like system passwords. Do not write the sa account password into an application or script. Robust passwords are the first step to security! When installing SQL Server in mixed mode, you must enter an sa password unless you confirm that you really want a blank password. This is better than the previous version.
At the same time, develop a good habit of regularly changing passwords. The database administrator should regularly check whether there are accounts that do not meet the password requirements. For example, use the following SQL statement:
USE master
SELECT name, password FROM syslogins WHERE password IS NULL

2. Use a secure account policy. Because SQL Server cannot rename or delete the sa user, this super user must be given the strongest protection, including a very strong password, and it is recommended that you do not use the sa account in database applications. Use sa only when there is no other way to log on to the SQL Server instance (for example, when other system administrators are unavailable or have forgotten their passwords). The database administrator should create a super user with the same permissions as sa to manage the database. A secure account policy also means preventing a flood of accounts with administrator permissions. SQL Server's authentication modes are Windows Authentication and Mixed Mode. If the database administrator does not want operating system administrators to log on to the database through the operating system, he or she can delete the system account "BUILTIN\Administrators" in account management. The consequence, however, is that if the sa password is forgotten, there is no way to recover it. Many hosts use database applications only for simple functions such as queries and modifications; assign accounts as needed and grant only the permissions the application actually requires. For example, if only queries are needed, a simple public account with SELECT permission is enough.

3. Strengthen database logging. To audit the "Failure and Success" of database logon events, select "Security" in the instance properties and set the audit level to "All"; in this way the logon events of all accounts are recorded in the database system log and the operating system log.
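The checks behind items 1 to 3 collected into one SQL Server 2000 audit script, as an added example that is not part of the original article. It assumes you run it in Query Analyzer as a member of sysadmin; pwdcompare() is undocumented in SQL Server 2000 but present, and the column layout of xp_readerrorlog is the one SQL Server 2000 returns.

```sql
-- Added audit script (not from the original article); SQL Server 2000, run as sysadmin.
USE master
GO
SET NOCOUNT ON
-- Item 1: SQL logins with a blank password. Windows logins carry no SQL password
-- (password is always NULL for them), so they are excluded via isntname.
SELECT name, 'blank password' AS finding
FROM syslogins
WHERE isntname = 0 AND password IS NULL
-- Item 1: SQL logins whose password is the login name. pwdcompare() (undocumented in
-- SQL Server 2000) hashes the clear text with the salt in the stored hash and compares.
SELECT name, 'password equals login name' AS finding
FROM sysxlogins
WHERE password IS NOT NULL AND pwdcompare(name, password) = 1
-- Item 2: every member of sysadmin. Expect sa plus the one administrative login the
-- article recommends; BUILTIN\Administrators appears here until it is removed.
SELECT name, 'sysadmin member' AS finding
FROM syslogins
WHERE sysadmin = 1
-- Item 3: current logon audit level from the instance registry key
-- (0 = none, 1 = success, 2 = failure, 3 = all). A change needs a service restart.
DECLARE @audit int
EXEC xp_instance_regread N'HKEY_LOCAL_MACHINE',
     N'SOFTWARE\Microsoft\MSSQLServer\MSSQLServer', N'AuditLevel', @audit OUTPUT
SELECT ISNULL(@audit, 0) AS audit_level
-- Item 3: failed logons recorded in the current error log, the T-SQL counterpart of
-- searching the LOG directory with findstr. Column layout as returned by SQL Server 2000.
CREATE TABLE #errlog (ErrorLog varchar(4000), ContinuationRow int)
INSERT #errlog EXEC xp_readerrorlog
SELECT ErrorLog
FROM #errlog
WHERE ErrorLog LIKE '%Login failed for user%'
DROP TABLE #errlog
GO
```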
Check the SQL Server logs regularly for suspicious logon events, or use this DOS command:
findstr /C:"login" "d:\Microsoft SQL Server\MSSQL\LOG\*.*"

4. Manage extended stored procedures. Handle the stored procedures carefully, and be cautious about which accounts are allowed to call extended stored procedures. In fact, most applications use few of the system stored procedures; SQL Server ships so many of them only to cover every user's needs. Therefore, delete the stored procedures you do not need, because some system stored procedures can easily be exploited to escalate privileges or cause damage.
If you do not need the extended stored procedure xp_cmdshell, remove it with this SQL statement:
USE master
EXEC sp_dropextendedproc 'xp_cmdshell'
xp_cmdshell is the most direct shortcut into the operating system and a large backdoor left by the database to the operating system. If you need this stored procedure again, restore it with:
EXEC sp_addextendedproc 'xp_cmdshell', 'xplog70.dll'
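The sp_dropextendedproc statement above extended to the whole set of extended stored procedures this item names (xp_cmdshell, the OLE Automation procedures and the registry procedures), as an added example that is not part of the original article. It assumes a SQL Server 2000 master database where, as sp_helpextendedproc shows, sysobjects.xtype = 'X' marks an extended procedure and syscomments holds its DLL name; procedures already removed are skipped, so the script can be re-run.

```sql
-- Added cleanup script (not from the original article); SQL Server 2000, run in master as sysadmin.
USE master
GO
SET NOCOUNT ON
-- Constructed list: the procedures named in item 4 of the article.
CREATE TABLE #procs (name sysname)
INSERT #procs SELECT 'xp_cmdshell'
UNION ALL SELECT 'sp_OACreate'             UNION ALL SELECT 'sp_OADestroy'
UNION ALL SELECT 'sp_OAGetErrorInfo'       UNION ALL SELECT 'sp_OAGetProperty'
UNION ALL SELECT 'sp_OAMethod'             UNION ALL SELECT 'sp_OASetProperty'
UNION ALL SELECT 'sp_OAStop'               UNION ALL SELECT 'xp_regaddmultistring'
UNION ALL SELECT 'xp_regdeletekey'         UNION ALL SELECT 'xp_regdeletevalue'
UNION ALL SELECT 'xp_regenumvalues'        UNION ALL SELECT 'xp_regread'
UNION ALL SELECT 'xp_regremovemultistring' UNION ALL SELECT 'xp_regwrite'

DECLARE @name sysname, @dll nvarchar(4000)
DECLARE proc_cur CURSOR LOCAL FAST_FORWARD FOR SELECT name FROM #procs
OPEN proc_cur
FETCH NEXT FROM proc_cur INTO @name
WHILE @@FETCH_STATUS = 0
BEGIN
    SET @dll = NULL
    -- xtype 'X' marks an extended stored procedure; syscomments.text holds its DLL,
    -- the second argument sp_addextendedproc needs to bring the procedure back.
    SELECT @dll = c.text
    FROM sysobjects o JOIN syscomments c ON o.id = c.id
    WHERE o.name = @name AND o.xtype = 'X'
    IF @dll IS NOT NULL
    BEGIN
        EXEC sp_dropextendedproc @name
        -- Keep this line from the output: it is the exact restore statement.
        PRINT 'dropped ' + @name + '; restore with: EXEC sp_addextendedproc '''
              + @name + ''', ''' + @dll + ''''
    END
    ELSE
        PRINT 'not registered (already removed?): ' + @name
    FETCH NEXT FROM proc_cur INTO @name
END
CLOSE proc_cur
DEALLOCATE proc_cur
DROP TABLE #procs
GO
```

If an application still needs one of these procedures, a less drastic step is to keep it but run REVOKE EXECUTE ON xp_regread FROM public (for example) in master, so that only sysadmin members can call it.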
If you do not need the OLE Automation stored procedures, discard them as well (this may make some features in Enterprise Manager unavailable). These procedures are:
sp_OACreate
sp_OADestroy
sp_OAGetErrorInfo
sp_OAGetProperty
sp_OAMethod
sp_OASetProperty
sp_OAStop

Remove the registry-access stored procedures you do not need. The registry stored procedures can even read the operating system administrator's password. They are:
xp_regaddmultistring
xp_regdeletekey
xp_regdeletevalue
xp_regenumvalues
xp_regread
xp_regremovemultistring
xp_regwrite
There are also other extended stored procedures, and you had better check them as well. When removing stored procedures, check that doing so does not damage the database or the application.

5. Use protocol encryption. SQL Server 2000 uses the Tabular Data Stream (TDS) protocol for network data exchange. If it is not encrypted, all network traffic is in plaintext, including passwords and database content, which is a big security threat: attackers can intercept whatever they need on the network, including database accounts and passwords. Therefore, when conditions permit, it is best to encrypt the protocol with SSL. Of course, this requires a certificate.

6. Do not let people detect your TCP/IP port. By default, SQL Server listens on port 1433. Many people say that this port should be changed when configuring SQL Server, so that users cannot easily learn which port is used. Unfortunately, it is easy to learn which TCP/IP port SQL Server uses through UDP probing of port 1434, which Microsoft has not published. Microsoft did consider this issue, however; after all, an open port invites unnecessary trouble. In the instance properties, select the TCP/IP protocol properties and choose to hide the SQL Server instance. If the instance is hidden, it does not respond to broadcasts from clients that try to enumerate the SQL Server instances on the network, so nobody else can use port 1434 to detect your TCP/IP port (unless they run a port scan).

7. Change the default port 1433, building on the previous step. In the instance properties, under the network configuration, select the TCP/IP protocol properties and change the default TCP/IP port to another port.

8. Reject probes on port 1434. Because port 1434 is unrestricted, others can probe some database information through it, and DoS attacks against it can also increase the CPU load on the database server. On Windows 2000, therefore, use an IPSec filter to reject UDP communication on port 1434, which hides your SQL Server as far as possible.

9. SQL Server 2000 itself does not provide a security solution for network connections, but Windows 2000 does. Use the operating system's own IPSec to secure IP packets: restrict IP connections so that only the permitted IP addresses can reach the server, and deny port connections from other IP addresses, to effectively control security threats on the network.
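A T-SQL check for items 6 and 7 (hidden instance, non-default port) that reads the values Enterprise Manager writes, as an added example that is not part of the original article. It assumes the SQL Server 2000 registry layout, where the TCP netlib stores TcpPort and HideServer under SuperSocketNetLib\Tcp and xp_instance_regread maps the path to the current instance; the IPSec filters of items 8 and 9 live in Windows and have no T-SQL equivalent.

```sql
-- Added verification script (not from the original article); SQL Server 2000, run as sysadmin.
USE master
GO
DECLARE @port varchar(10), @hide int
-- TcpPort is a REG_SZ value; HideServer is a REG_DWORD that is absent until the
-- "Hide server" box has been ticked, so a missing value is treated as 0.
EXEC xp_instance_regread N'HKEY_LOCAL_MACHINE',
     N'SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp',
     N'TcpPort', @port OUTPUT
EXEC xp_instance_regread N'HKEY_LOCAL_MACHINE',
     N'SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp',
     N'HideServer', @hide OUTPUT
SELECT @port AS tcp_port, ISNULL(@hide, 0) AS hide_server
IF @port = '1433'
    PRINT 'TCP port is still the default 1433: item 7 has not been applied'
IF ISNULL(@hide, 0) = 0
    PRINT 'instance still answers UDP 1434 enumeration: item 6 has not been applied'
-- Caveat: in SQL Server 2000, hiding the instance makes it listen on TCP 2433 instead
-- of the configured port, so re-check @port after changing HideServer and restarting.
GO
```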
The SQL Server security configurations described above can give SQL Server sufficient defensive capability. Of course, it is more important to strengthen internal security controls and administrator security training. In addition, security is a long-term process, and more security maintenance will be required in the future.
