This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Backend Security Project SQLServer Hardening

From OWASP
Revision as of 08:30, 17 June 2008 by Carlo.pelliccioni (talk | contribs) (Description)

Jump to: navigation, search

Overview

Description

Installation of the Engine

   * Service installed
   * Authentication Mode
   * Process

Configuration tools provided

   * Surface Area Reduction (services and connection)
   * Surface Area Reduction (functionality)
   * Sql Server Configuration Manager (endpoints and protocols)
   * Sql Server Administrators
   * System Stored Procedure (xp_cmdshell…)

Database Administration

   * Password Policies
   * Authorization
   * Roles and Schemas
   * Metadata Views
   * Linked Servers
   * Execution Context

Encryption

   * Symmetric
   * Asymmetric
   * Asymmetric with certificate

References

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Backend_Security_Project_SQLServer_Hardening&oldid=31818"