This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Backend Security Project SQLServer Hardening

From OWASP
Revision as of 21:04, 19 June 2008 by GPederzini (talk | contribs) (Overview)

Jump to: navigation, search

Overview

In this section there are some best practices concerning the security of SQL Server 2005. The operating system under SQL Server is Windows Server 2003.

Description

Installation of the Engine

Services

Authentication Mode

Processes

Configuration tools provided

Surface Area Reduction (services and connection)

Surface Area Reduction (functionality)

Sql Server Configuration Manager (endpoints and protocols)

Sql Server Administrators

System Stored Procedure (xp_cmdshell)

Database Administration

Password Policies

Authorization

Roles and Schemas

Metadata Views

Linked Servers

Execution Context

Encryption

Symmetric

Asymmetric

Asymmetric with certificate

References

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Backend_Security_Project_SQLServer_Hardening&oldid=32041"