This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Backend Security Project SQLServer Hardening
Overview
In this section there are some best practices concerning the security of SQL Server 2005. The operating system under SQL Server is Windows Server 2003.
Description
Installation of the Engine
The prerequisites for the installation are:
- .NET Framework 2.0
- Microsoft SQL Native Client
- Microsoft SQL Server 2005 Setup Support Files.
The installation consist of a large amount of services that are shortly descripted:
- SQL Server Database Services (install SQL Server database engine and tools for managing relational and XML data, replication and full text search)
- Analysis Services (install analysis services and tools used to support online analytical procession OLAP and data mining. Install also Integration Services)
- Notification Services (installs notification services a platform for developing and deploying applications that send personalized, timely notifications to a variety of devices or applications)
- Integration Services (install a set of tools and programmable objects for creating and managing packages that extract, transofrm and load data, as well perform task)
- Client Components (install management tools, development tools and legacy components)
- Documentation, samples and sample databases (installs books online documentation, sample databases and sample applications for all sql 2005 components)
During the installation the thing to remind is that from a security point of view, only what is strictly needed must be installed. To install a tipycal minimal configuration, the SQL Server Database Services and some Client Components (Connectivity components and Management Tools) can be installed.
Services
In SQL Server every service can run under a particular Windows account. The choices for the service's accounts are:
- Local user that is not a Windows administrator
- Domain user that is not a Windows administrator
- Local Service account
- Network Service account
- Local System account
- Local user that is a Windows administrator
- Domain user that is a Windows administrator
There is not only a solution to configure the service's account, but there are two rules to follow that enforce to behave in certain way:
- minimum privileges
- account isolation
Follow this, probably an administrator account (local or domain) has much more privileges than needed, indipendently of the service. The Local System account has to many privileges and it's not indicated for a service's account On the other hand Local Service and Network Service have not much privileges, but they are used for more Windows services, so there is no account isolation.
So the more secure solution for the Sql Server Service's Account is to use Local User or Domain User not Administrators. For example imagine that are installed the trhee main services:
- Sql Server
- Sql Server Agent
- Sql Server Browser
The task is to create three Windows Local User Account, belonging to User Group, protected with password, and assign them to the services. In this manner there are exactly two concepts: minimum privileges and account isolation.
