1. install the latest service package
to improve server security, the most effective method is to upgrade to SQL Server 2000 Service Pack 3A (sp3a ).
In addition, you should install all released security updates.
2. use Microsoft Baseline Security Analyzer (mbsa) to evaluate server security
mbsa is a tool that scans insecure configurations of multiple Microsoft products, includes SQL Server and Microsoft SQL Server 2000 Desktop Engine (MSDE 2000 ). It can run locally or through the network. This tool detects the following problems:
1) Too many SysAdmin fixed server role members.
2) authorize a role other than SysAdmin to create a cmdexec job.
3) Empty or simple password.
4) Fragile Authentication mode.
5) grant excessive permissions to the Administrator group.
6) incorrect access control table (ACL) in the SQL server data directory ).
7) use the plain text SA password in the installation file.
8) grant excessive permissions to the Guest account.
9) run SQL server in a system that is also a domain controller.
10) if the owner (everyone) group is incorrectly configured, access to the specific registry key is provided.
11) the SQL Server service account is incorrectly configured.
12) No necessary service packages and security updates are installed.