Assessing Security Threats to Microsoft SQL Server
Many resources help protect SQL Server
September 10, 2002
When did you last profile your Microsoft SQL Server 2000 system for potential threats? If you haven't done so, you might want a toolkit and some easy-to-understand guidelines.
Next Generation Security Software (NGSSoftware) recently published "Threat Profiling Microsoft SQL Server," which describes in detail tools and procedures that you can use to gauge your exposure to intruders. According to NGSSoftware, the paper has "four main sections. The first section will cover attacks that do not require the attacker to have a user ID and password for the SQL Server, that is, the attacks are unauthenticated. The second section will cover those attacks that do require authentication; to succeed the user must be logged onto the SQL Server. The third section will consider those attacks that can be launched from a compromised server. The final and fourth section will touch briefly upon attacks via the Web using SQL Injection."
"Threat Profiling Microsoft SQL Server" discusses SQL Monitor port attacks, network-sniffing opportunities, brute-force attacks, file-system attacks, Trojan horses in extended stored procedures, client attacks (e.g., against the SQL Enterprise Manager), navigating the database server, password cracking, bypassing access controls, and more. The paper lists a series of tools you need to obtain before you start. Minimally, you'll need various SQL client tools (such as Query Analyzer and ODBCPing), Microsoft Visual C++, SQLPing, NGSSQuirreL, NGSSQLCrack, and NGSSniff. The SQL Server CD-ROM contains SQL client tools. SQLSecurity.com offers SQLPing. NGSSoftware offers the latter three tools through the company's Web site. According to NGSSoftware, NGSSQuirreL is an auditing tool that can find and fix holes in the SQL Server; NGSSQLCrack can crack the passwords of standard SQL logins; and NGSSniff is a network traffic capture and analysis tool. Overall, the paper contains a wealth of information about securing your SQL Server.
Other steps you can take toward SQL Server security include keeping up with Microsoft security bulletins and reviewing other resources. Microsoft has issued 11 security bulletins for SQL Server 2000 so far, including a cumulative patch in August 2002 that contains all the other security patches. Be sure you've loaded the ones you might need—or the cumulative patch if you want to load them all.
SQL Server Magazine and its related Web site often discuss SQL Server security. For example, when you visit the Web site, you'll find Michael Otey's article "Free SQL Server Tools," which discusses his favorite free SQL Server tools, among which are security-related tools. You'll also find Kalen Delaney's article "Safe Transit," which discusses how to ensure that user and passwords match up after a database restoration.
Regularly reviewing the potential threats to your SQL Server will help keep it secure. I hope the resources mentioned will support that review process.
Read more about:
MicrosoftAbout the Author
You May Also Like