Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Locking Down SQL Server 2000



 By: Jim Rapoza
2004-01-12
Article Rating:starstarstarstarstar / 1


There are 0 user comments on this Network Security & Hardware story.


  Table of Contents:
  1. Locking Down SQL Server 2000
  2. ' Steps you can take '
  3. ' Web resources for SQL '

Rate This Article:
Poor Best
Locking Down SQL Server 2000
( Page 1 of 3 )

eWEEK Labs recommends the best ways to lock down vulnerable machines.While the Blaster worm and Sobig virus garnered the lions share of attention and fear last year, 2003 began with a worm that caused many headaches for administrators of Microsoft Corp.s SQL Server 2000. The SQL Slammer worm, which exploited a known and patched hole in SQL Server 2000, crashed servers and brought networks to their knees.

In multiple tests held recently at eWEEK Labs, an unpatched SQL Server system became infected with SQL Slammer in less than 10 minutes. However (and amazingly), a year after SQL Slammer first struck, there are still many vulnerable and unpatched SQL Server systems on the Internet.

Securing SQL Server

  • Stay up-to-date with service packs
  • Quarantine new or unpatched SQL Server systems until theyre secured
  • Perform offline testing of patches
  • Use a strong, regularly changed sa password and, if applications permit, Windows authentication
  • Block the ports on which SQL Server listens for connections
  • Make use of vulnerability assessment and patch management tools
  • Make sure applications that attach to SQL Server are secure
  • Check multiple resources for SQL Server information

    • Clearly, there are many people who havent gotten the message when it comes to patching and securing SQL Server 2000.

    Resource Library:

    Compounding the trouble is the fact that MSDE 2000 (Microsoft SQL Server 2000 Desktop Engine) is also vulnerable to SQL Slammer and is often installed as part of third-party applications.

    There is no reason for this problem to be as bad as it still is. While it takes vigilance to stay aware of your potential danger spots and to know where all your SQL Server and MSDE implementations are, securing SQL Server itself isnt rocket science.

    Next page: Steps you can take to lock down SQL Server




      Reader Comments: Locking Down SQL Server 2000
    >>> Be the FIRST to comment on this article!
     


     
     
    >>> More Network Security & Hardware Articles          >>> More By Jim Rapoza
     


    x}r8s;iW1E.B䲦lcS(Hb"9$KO $ -R]}۶D 7$y3Y΄M j֢w.Q? !YpZi_rd#s1magFwö&N=gR'~> \?T;U| n0 p;\۲LyEs:l\>3^_aTc#1UE V3/LZHͩ<&N{#xZj/~ H.CSf1{P$!XIcF/X4ri[곩}o_]^uzmo]u'H>߉ecby1hժ=TRJw#=Z& V%uսi?w=$/'t6lXaZ|]kV׏`Ck']Mn[CyC0Uj#1\4.?uINQⱪ-0N`0lUm_HNfb'jJGX,>*f~ri[Q2|#2Xc]NRߜ>o4V`FC ܺ玁J$9VϡTȟგ4R\ 5jbXSl \OoBiOLfzCC̿E7h+bԌөr 7CD rQ"`Q%  '| 8Jn.b?M#΃QwW9Q]% K\M흎E֏GZ*;]g8i7-һ^5?A*Gv9s{Q {>֌^=I$>6Z\?$5&@ -s'09wښA<Qފ]ӡ24a vhiqppyY?90»4{`ޚmm -L<ħI C|r\(Lw^ bA$D!"-i]NP@Ar68 -,rrd++~G~zGBZ$[2(7ݞH9s'@+%sMX.QU,p[/tfd(L=?j1!5G ,D`v9r*L.[ ϴ6JԍyRp|:7=[KuY-{D&1C IK,[tt?;\ !!q<-%`|fX4Кs=RA\^XPL[Nm(tsf9`ZWjP~mZ&4B ڛwyEGyUnX7!t3 TkyӏϞ ۀ}Q>R5JZzI۶y_.MMEc7˅L< +׬UPL g<)*[hw<(Zr V֌M'W.r1r@eO/T᧒rV3Q*[V@q=137Rd 3X-8E/4-{'ٲJd-Yֽ(Vv/+\?ourqO,H#oh m_EڠmeLGy K-C IH֦(X+ezlxӇ8$&le2C}نzSk :m _5_` }dҶa^ЫK ASF}r?-j(6 /XS;hM>w!-ϐ|tP9s?d!\o ZʘkX$l ]ifJ-  o _t1t0,Y\ϖ򺰫\45g&A> z$'Z>pl`/R#u޴ 2bJ ,䧢R.5-A D 쨸lVajiL*wڶ{>Qidy Q(JЧɹC@3@M~N!W3pP*@ bN, #(V WG/y@Ψ>UF>3 $hD4e2f-4_\0-* D%hT,*Mܥh&\3QtP7$0m4dHڸ/|P"588zxf @ L,:Z  [::4 : o3Czo @H=OqЀ%УGii}~هF9C!߬0Kw"jXUlcChZzXҪ*7;zA~{ &q@0@~~fQ9x?ה `3TxKべ'שXT8ᔑe10k儒v25;+NZжןfca gԖwkq 5\ EU_a>Y6`K :Ryd^{PDK&nΚ7 .}l)3PY]7`ϘsG_/X#cփn#>2̛aԎ3|m,,n1yc%[Ŵ(n<0{L3wF>6 in`Hd2y6(~E+->Q#*Alƃ!p*f%g\T`zEz9y 1C ]2՘ޜy21i ϣDʜY_@hO ] ?k8黨b$V;'v_I|SeȣVV8<V6jRaoa~VZXiC3gV W>yQyQ|Z#W:j|cXQ]zU&CUT-VrA?YXᐋn#EZ{"ZAX_dL5AKl!/`.P(S/"h6)XVK"hJg؋_r[rn)ty4ņ51(4rQ;k^Ah semn?f"9`{'jH@K|PeTFھk^,< 7C7{d',-LGI<^:&.2Oɿf﹮ LBDoSwg#S$͇J%:m\QJ[: *{GLɒZ'UekJZܯ]q(3Az' 2vBq]6dt  +UA 'HHD>ġiFR{e">QXk㜌 ?|{~iwoz} o S L $q!YUihja{2YtW%O}y9rg|F8pewA{HN۝8 ^+{;^j\#-*V|H`UEK7?h6:%uށ4S `e8~{HCLn _{%%e\|P;lѳI?`y <蕣n=pΛW:Kݳ?wH:mEu߽o=rHp'Biu>\$'d0 s|n^E'6bL`jX&IEy#W5C1M|0M P(_!a C{z P)'$ N%>cϺ;$VBLV`2"(BR.IHe*KIeޜ,Hy9Ym@4to6_xvImK$cΖˤeė4 Y) !>bG)-#*V,E#^}ydN48z]) $#ʫr@N~A=?rW}ݝ9V88fHS pGڑq eީӊN|u+ɅNo-PW1kyR̵j dŽ%攠{@95~@לc)|si9S<3m~`'6<U]q")Xf=VA\vY H-Э> y{ho&|)s'I֚ 9oaJwfim =lGx?vO*owҽ{ѧ}EstR* 9l"$$yMzj,WQ53\Bn'>L9zd2 *f}x3D?.yiҒ91>oaP;-ԃz4ݷP% >.=]f+wQ[]x͞wYiYU9.r\-"nǸ*U-/^RRIJ>]%ϫꀞ< h6vo"Ba"fsME[o<7f{3zng Z~‡i<&Kmx? k^66)LЙJնn9 LPA A)ra_u)\ҙbA*7Izml\G5' uT1]A{my@Y N@0~O qw~qmAZLu=qi?V܄_z@.}Lk6&sWm8Hjp'K.`{mfĬ.Iѹ:F+q9:-5z2>w*g@mV)U_,Ws@V,S<MrH _MKZ}tmt@e*.(&G8t Tb@g'qkNcuLJPχv)cVi1~RۃE CdbyפIۇjX*$R$$.oԎ#ieѮKiP{j3_k/xVOS˥ZM:SR3Oވ4qV#EL0٥mdS+*ة%N<:ktb; &.PJr+~$f/@-~]9𮦸E/dr UvW6iV>ߖAMKQPZڮB&|uaZ@`>\Vs*,AZ(A 7AV/X$nmd mx9`5q? ]I^ àWI$WFMM-*oH;/s[(?P#wzKz|qʹ4}}U.cwdڂкxU[9t`/e>hvh 4泶}qŮCY`mHdK]#Z/Ybwew=5p˫Ь166$_{s39#Zڡ ءJyR?R搤آ }#𢸉exKRXDV}(|@9P<}FU\"i; n8[ n {1-b0=s^Y!aVa!6^m di~ž|BT:"V!bQ!!xYx?ZEEEEǻh+xBS5Jڞ z3s;SҌ^_EW(hԲQ665c5/z`"yqSVaF!A@B{tMk~mf|qE08Zia/ݑiEg6׋{lRCjdm;Sףㆿ^VA)MSpE(x! 3(KޯgkL&0 $&`Cea~3Ȋ 4>v ǾW>+Z!փ ŤMݹ=byt*o;_?Jb5Hޠ%p> ENf텑yiX l@<g3w{eWXŬ  EZ~#weeܰ5s=ö{%.⛽MHA%PoAjO|k7iE 6B8BmKHvZ}mf'㵙Q=o{{7is{`W߰:ư:s/3Փ|`Y}z8Og-]6%4c5-Mn%OiYS=W/!_if-e։5)Vd|Q/2Ra1g5s+x(Z( @=>d>8XBO3|, v|wouv1 W[)@QfHk|j[%,@Ukbw*wئ}2,GƊbd= D?\<9C%"'+K3lߒo8̇xݩysgRČDcT <!#w ؒA6e@$'8. 2â=$JA6Y^lMQӬf0u!۟`n25y+YL=ǔv4weOspwgOAr副]kL"/j!x8j 5 {{[ý$#qvc̏;",W f]{N9- { o;j~;kГ-V%8I YWEPXT9!f&9tѰ L68~܉" .l?QXQq7‹/͛2?8?3쥡G9'6ǜ͂͢Eˉn tM9ݪW j~Ar)XZRӂ,w9]do#a nMo)UJ5t[`ŧ5\UԤp??b\y z|w&bfģ Zkah;Xÿ́kj=!vc`.OK璾7%~K-y-JYթ&4 ܬrNݐSTKvXj_@K=(iSd!d_4lSKaZ$~TRU1sܴHdi`XCX(kJ[?3|M/TZIy,tr;քAu |^pY$֟eO}K[\LP`o2?7n(5љ( @xl9 sXd7Mw-=$zt3!.үG8XL|oe-Aoq{u >9bg'-:s_aiZ \N j'z13B[w^?qbS~jbx WW_d3+nі5*<ң]F5bx >S1 s£e$11K}9ljrE,?y`}6ֿH\>dFiFwcH=M_%Θ}9'b E TTЍB)˪M;7gb ?|{~ B{V}{(m~G#h*x5;mܰlѦ7G 7ѭ߄QT1E'* :baR[ٓ{T8G@`m¼ϴH㢌G)Z}wd.uޘq1t5p<$nX{+$ʽOg-"+62s1jl/uhQf\{g~}C@,i;Gym!y;g(i<CS(~O.A"=RdbwMy–2.h+~:ZC8ܰJ?pБ`%A (3vƬ?^] "&DTw.2OaH9P=SbX"u,kDM(qi+8||>O'P0X.*'eE ԍd3w  n =IDMFs 7S,0 A"\*c̼ð~7]_: 1u(pf$,yףΛ]喣zPY|obhp ?v$'mݜ(8&Z9 $Bq0Ӝhp6oZ62 =<RXX_1ԻPӪr$2k|:(RP걦|?(k ;e" =JZ `xzNsdhz߃[ZGL€،P r5g_I4UMzzW~{Agk<m[4Z?V9궾w/t.ڗW~qbav>H5m+ƋBreIy)sS93mL4WQd;ˀW䎾(bh,.6 Iwg`JT /!b\ձ@L77[vgc+t_?gg:^Z;;jS3}uR\js@1@C|k{5"%/6π2?Bnj_׌+(Z_~JmfwQ__P~s ?/?VieC:CL"^Qʿ/?gA531s{sy~a?<Ϡs Dg(Q~ eCyF9E^\dEu݌wAt3OK7C\}\f%U``c}'O?g>g3s::~3OugK\8=r es z)W@^d_~*%IF>gȳJ3VڍnV`{J1{+^W_S kے+ ]q%=3,{ᘴ[M2}ח c|U(X2M*}#(/JRbye?V,Hw;]lGsm5n$WsM}Ӊ{Z=*xG,D<mcUF !=QAcT@D1KA1_wtɉnS2 L2A4̎-G.v)n7ks%>SG07U޴O]8ŭxg?9/ydֺWWV5VlNA6K֐H2>Yݩ7xx.؅ ߊčk,| e%HI00ȃa93|@//gu>赏?]u_ЯҾh .3ՋmP`*4UJ` c9t!J1 4`-o1BDO"OӉb;˘V͛YȌ)Ӧ/p^'Wv@f@2b'`{z98ëy0`)(6VI2hؐM ؒ9N-3G1N>@OgL™xRO,O~f+g -76@ E!N-cx u(Ϸ [Lޫ33<|#'gD|&ߢ)tO 4/AD[e CA Ú~sn7:aKƘ̥$Q#"5<23wH.P,cV}ޣ 8luu9o"AwA;׿J80y.6,ݭ( rh`ԃ`ƸB&f\S)"gU09Umxm>}rQKƠ֝SŌ1kHl7cBoaXkt JV7BQbXmO˩s v|'ֆ`mw>R0brf`O*}q AazvwʹXib]ݎ:SaRœj@x*$]v $$}9= zL}`Vߜù($rQYzt]Jhn-< +%x=$V*۹d$ӧ6gsIz=>`Lh}#Km^5&(z1̸1IϐR83k:9 XnA}F^y,kg_5 B3q< Y8T"Zmu[sJu^\m 2|s b9?N/C3+R1=zH|c,XoϨD %^Πob_w'{KV9((& |X#eUI;.~mׁD.G#J.ڐ|oS{)0XP74 <p2)> m<'6}J ;*"@"xr Pŗ-;wnf S*)m[9Ud2-1kc'pg!MX@ nخ;Oq^' 3>&q9޴% cHPVWݜ얏 R g7>5'كl48~>q$LoxA{~ r@cFEߟ2"\fPTj_fBTvl&)(Xp^'Atm);>BAr$c<[^Eҵ<oc3?[<-v; C +_2uE>v/-GJ~Q.u 7tle @h_Hʶ(T| %` GYU`Kr8ǩk[Vmx w}u+y!)1: /Ux.X=lۉQ#nȹ-`jk7EmYtẉA9ɓF0 ǯfw:n0>~09&rX>6sη`=dZ]x O!(f"dS1C7Dj0\r_H d[\B@w εx C,$?ˋ} cyx Uf})VS/́.?I*g\9ƕEyXqө8Yo.[_,{WN睳/<|p= aFk;OH*FRqOR||8(>uoh /=jptR6EKB^i ջlZrEg0m\}!l6{n&_1!-5WwV+n+:cSEpz_(Պ]jq[OEHR? TFCM:M\Zi/Wj\)֦O*&Zʱ wm&lult61ʹN +