Several steps to improve SQL Server database system security

To improve the security of the SQL Server database system and improve the database's ability to defend against intrusions, we need to take several steps to achieve this goal. For example, installing the latest patch for SQL Server is only part of server management, and user supervision is also an important step. We will introduce the following parts:

Query the latest service package

We want to ensure that you always have the latest service package. For SQL Server2000, this is SQL/downloads/2000/sp3.asp "> sp3a. Remember that there are multiple service packages. If sp3a is applied, you do not have to use the previous service packages, such as SP3, SP2, or SP1. SP3 is a special service package. Once installed, it will no longer use any previous upgrades.ProgramBut it requires that SP1 or SP2 have been installed.

Register Security Alerts

Although the service package helps your SQL Server database avoid many threats, they still cannot solve the security problems of fast running, such as attackers and worms. We need to register Microsoft's free security notification service, which will notify you via email about any intrusion into your security system and how to solve the problems.

Run Microsoft Baseline Security Analyzer (mbsa)

This tool targets SQL Server and msde2000 desktop engines. It can be used locally or online. It uses password, access permission, access control list, registration, and other methods to find problems, and it finds the lost security package or service package. You can find related information on technet.

Delete SA and old password

A common security mistake we make is not to change the system management password. You will easily ignore the installation files and remaining configuration information, without well-protected authentication information and other sensitive data, which may be attacked. You must delete the old installation file: program Files/Microsoft SQL Server/MSSQL/install or program files/Microsoft SQL Sever/MSSQL/install or program files/Microsoft SQL Server/MSSQL $ content $ lt; instanceName>/install folders. similarly, use the killpwd tool to find out the old passwords and delete them. For more information, see Knowledge Base article263968.

Monitoring connection

The connection tells us who is trying to access SQL Server, so monitoring connection is a good way to ensure database security. For a large running SQL Server, too many link data may need to be monitored. However, it is necessary to monitor the failed links because they may represent some attempts. You can log on to the enterprise manager with the failed links. 1. Right-click the server and select Properties ). 2. Click the Security tab and select failure under audit level. 3. Stop and restart the server to get the start of the check.

This article from: http://soft.chinabyte.com/45/7719545.shtml