Locking Down SQL Server 2000

By Jim Rapoza  |  Posted 2004-01-12

eWEEK Labs recommends the best ways to lock down vulnerable machines.

While the Blaster worm and Sobig virus garnered the lion's share of attention and fear last year, 2003 began with a worm that caused many headaches for administrators of Microsoft Corp.'s SQL Server 2000. The SQL Slammer worm, which exploited a known and patched hole in SQL Server 2000, crashed servers and brought networks to their knees. In multiple tests held recently at eWEEK Labs, an unpatched SQL Server system became infected with SQL Slammer in less than 10 minutes. However (and amazingly), a year after SQL Slammer first struck, there are still many vulnerable and unpatched SQL Server systems on the Internet.

Securing SQL Server

  • Stay up-to-date with service packs
  • Quarantine new or unpatched SQL Server systems until they're secured
  • Perform offline testing of patches
  • Use a strong, regularly changed sa password and, if applications permit, Windows authentication
  • Block the ports on which SQL Server listens for connections
  • Make use of vulnerability assessment and patch management tools
  • Make sure applications that attach to SQL Server are secure
  • Check multiple resources for SQL Server information

Clearly, there are many people who haven't gotten the message when it comes to patching and securing SQL Server 2000.

Compounding the trouble is the fact that MSDE 2000 (Microsoft SQL Server 2000 Desktop Engine) is also vulnerable to SQL Slammer and is often installed as part of third-party applications.

There is no reason for this problem to be as bad as it still is. While it takes vigilance to stay aware of your potential danger spots and to know where all your SQL Server and MSDE implementations are, securing SQL Server itself isn't rocket science.
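The checklist above can be turned into a repeatable audit rather than a one-time reading. The following script is an added example, not code from the article or from Microsoft: it takes a constructed inventory of SQL Server 2000 and MSDE 2000 instances and reports which ones fail the patch-level, sa-password/authentication-mode, and listener-port checks. The hostnames, build numbers, `min_patched_build` threshold and `netstat -an` output are all constructed sample data; the only facts taken from outside the article are the default SQL Server ports (TCP 1433 for the engine, UDP 1434 for the SQL Server Resolution Service that SQL Slammer abused).

```python
"""Audit a SQL Server 2000 / MSDE 2000 inventory against the lock-down checklist.
Added example with constructed data; not part of the original article."""
from dataclasses import dataclass

SQL_TCP_PORT = 1433   # default SQL Server TCP listener
SSRS_UDP_PORT = 1434  # SQL Server Resolution Service (UDP), the port SQL Slammer abused


@dataclass
class Instance:
    host: str          # constructed hostname
    product: str       # "SQL Server 2000" or "MSDE 2000"
    build: int         # engine build number reported by the instance (placeholder values)
    auth_mode: str     # "windows" or "mixed"
    sa_blank: bool     # True when sa has an empty password (mixed mode only)
    netstat: str       # raw `netstat -an` output captured on the host
    fw_blocked: set    # (proto, port) pairs blocked by the host or perimeter firewall


def parse_listeners(netstat_output):
    """Return the set of (proto, port) pairs accepting inbound traffic,
    parsed from Windows-style `netstat -an` lines."""
    listeners = set()
    for line in netstat_output.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] not in ("TCP", "UDP"):
            continue  # header line or blank
        proto, local = parts[0], parts[1]
        # Only LISTENING TCP sockets matter; UDP sockets carry no state column
        if proto == "TCP" and (len(parts) < 4 or parts[3] != "LISTENING"):
            continue
        port = int(local.rsplit(":", 1)[1])  # rsplit also copes with IPv6 addresses
        listeners.add((proto, port))
    return listeners


def audit(inst, min_patched_build):
    """Return the list of checklist violations for one instance.
    `min_patched_build` is the lowest build the operator considers patched
    (assumed to come from the vendor's service-pack notes; placeholder here)."""
    findings = []
    if inst.build < min_patched_build:
        findings.append(f"{inst.host}: {inst.product} build {inst.build} is below "
                        f"patched build {min_patched_build}; quarantine until updated")
    if inst.auth_mode == "mixed":
        if inst.sa_blank:
            findings.append(f"{inst.host}: sa account has a blank password")
        else:
            findings.append(f"{inst.host}: mixed-mode auth; prefer Windows authentication")
    sql_ports = {("TCP", SQL_TCP_PORT), ("UDP", SSRS_UDP_PORT)}
    exposed = parse_listeners(inst.netstat) & sql_ports
    for proto, port in sorted(exposed - inst.fw_blocked):
        findings.append(f"{inst.host}: {proto}/{port} is listening and not firewalled")
    return findings


# Constructed netstat capture: SQL Server and the resolution service bound to all interfaces
NETSTAT_OPEN = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  UDP    0.0.0.0:1434           *:*
"""

# Constructed inventory: one hardened server, one MSDE install bundled with an application
SAMPLE_INVENTORY = [
    Instance("db01", "SQL Server 2000", 1200, "windows", False, NETSTAT_OPEN,
             {("TCP", 1433), ("UDP", 1434)}),
    Instance("app-srv07", "MSDE 2000", 500, "mixed", True, NETSTAT_OPEN, set()),
]


def audit_inventory(inventory, min_patched_build=1000):
    """Run every instance through audit() and collect all findings."""
    findings = []
    for inst in inventory:
        findings.extend(audit(inst, min_patched_build))
    return findings


if __name__ == "__main__":
    for line in audit_inventory(SAMPLE_INVENTORY):
        print(line)
```

Running it prints nothing for `db01` and four findings for `app-srv07` (old build, blank sa password, and both SQL ports reachable), which is exactly the profile of the MSDE installs the article warns about: bundled with a third-party application, never patched, and never inventoried.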


Jim Rapoza, Chief Technology Analyst, eWEEK. For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr. Rapoza's current technology focus is on all categories of emerging information technology, though he continues to focus on core technology areas that include content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.
