This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Backend Security Project SQLServer Hardening"
From OWASP
(→Tools) |
(→Description) |
||
Line 2: | Line 2: | ||
= Description = | = Description = | ||
+ | |||
+ | == Installation of the Engine == | ||
+ | |||
+ | * Service installed | ||
+ | * Authentication Mode | ||
+ | * Process | ||
+ | |||
+ | == Configuration tools provided == | ||
+ | |||
+ | * Surface Area Reduction (services and connection) | ||
+ | * Surface Area Reduction (functionality) | ||
+ | * Sql Server Configuration Manager (endpoints and protocols) | ||
+ | * Sql Server Administrators | ||
+ | * System Stored Procedure (xp_cmdshell…) | ||
+ | |||
+ | == Database Administration == | ||
+ | |||
+ | * Password Policies | ||
+ | * Authorization | ||
+ | * Roles and Schemas | ||
+ | * Metadata Views | ||
+ | * Linked Servers | ||
+ | * Execution Context | ||
+ | |||
+ | == Encryption == | ||
+ | |||
+ | * Symmetric | ||
+ | * Asymmetric | ||
+ | * Asymmetric with certificate | ||
= References = | = References = |
Revision as of 08:30, 17 June 2008
Overview
Description
Installation of the Engine
* Service installed * Authentication Mode * Process
Configuration tools provided
* Surface Area Reduction (services and connection) * Surface Area Reduction (functionality) * Sql Server Configuration Manager (endpoints and protocols) * Sql Server Administrators * System Stored Procedure (xp_cmdshell…)
Database Administration
* Password Policies * Authorization * Roles and Schemas * Metadata Views * Linked Servers * Execution Context
Encryption
* Symmetric * Asymmetric * Asymmetric with certificate