Steps you can take to lock down SQL Server

The first and most obvious step in securing SQL Server is to stay up to date with the service packs for SQL Server 2000. The most recent packs include the fix for the flaw that SQL Slammer exploits, as well as fixes for other potential security problems. In addition, we recommend that when dealing with a new or unpatched SQL Server system, IT managers take that system offline or put it on a closed network. Given how quickly Slammer spreads, a system left on an open network while being patched is likely to be infected before the patch is applied. Taking the system offline also provides an opportunity to test the patch in isolation and ensure it doesn't adversely affect your applications.

Outside of SQL Slammer, a poorly secured SQL Server implementation makes it easy for attackers to break into applications and databases and reach sensitive information. One of the most common mistakes is poor or nonexistent authentication security. We've been stunned by the number of times we've seen a SQL Server system with a blank sa (system administrator) password. We recommend using a strong, regularly changed sa password and, if applications permit, using Windows authentication, which leaves password validation to Windows rather than to SQL Server logins.

Another common-sense step in securing SQL Server is to block the ports on which it listens for connections, namely TCP port 1433 (the database engine) and UDP port 1434 (the SQL Server Resolution Service, which Slammer targets). If the systems that need to connect to SQL Server are the only ones that can reach it, you have more protection against unknown problems that may arise.
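The following T-SQL audit script is an added example, not code from the original article or from Microsoft; it checks the three database-level points above on a SQL Server 2000 instance (service pack level, blank sa password, authentication mode) and then sets a new sa password. It assumes the SQL Server 2000 system tables (master..sysxlogins and xp_loginconfig); on SQL Server 2005 and later the equivalents are sys.sql_logins and SERVERPROPERTY('IsIntegratedSecurityOnly'). The password literal is a placeholder, not a recommendation. Blocking TCP 1433 and UDP 1434 is done at the network or host firewall rather than in T-SQL, so it is not covered here.

```sql
-- Added audit script (not from the original article): run in Query Analyzer
-- as a member of sysadmin against a SQL Server 2000 instance.

-- 1. Patch level. ProductLevel reports the installed service pack (RTM, SP1,
--    SP2, SP3...). SQL Server 2000 SP3 (build 8.00.760) is the first service
--    pack that contains the fix for the Resolution Service flaw Slammer
--    exploits, so RTM, SP1 or SP2 here means the server is exposed.
SELECT SERVERPROPERTY('ProductVersion') AS product_version,
       SERVERPROPERTY('ProductLevel')   AS service_pack;

-- 2. Blank passwords. SQL Server 2000 stores a never-set password as NULL in
--    sysxlogins; PWDCOMPARE catches a password explicitly set to the empty
--    string. Any row returned here, sa above all, needs fixing today.
SELECT name
FROM   master..sysxlogins
WHERE  password IS NULL
   OR  PWDCOMPARE('', password) = 1;

-- 3. Authentication mode. 'Windows NT Authentication' means SQL logins such
--    as sa cannot be used to connect at all; 'Mixed' means they can, so the
--    sa password is then the only thing standing between the network and
--    full control of the server.
EXEC master..xp_loginconfig 'login mode';

-- Remediation: set a strong sa password. @old is NULL because sysadmin may
-- change any login's password without knowing the old one. The value below
-- is a placeholder (an assumption of this example); replace it with a long
-- random passphrase and do not leave it in scripts or source control.
EXEC sp_password NULL, 'R3place-Me-With-A-Long-Random-Passphrase!', 'sa';
```

Run the three SELECT/EXEC checks first and record the results, then apply the sp_password step only after confirming that every application still connecting as sa has been given its own least-privileged login, since changing the sa password breaks anything that still relies on it.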