  1. #1
    Join Date
    Nov 2002
    Posts
    14

    Unanswered: SQL Database Intruders

    How can I prevent intruders from accessing, modifying and deleting tables in the backend database using ISQL or other SQL tools?

    Will setting the database permissions, server roles in SQL Server 2000 provide protection?

    Please advise!

  2. #2
    Join Date
    Feb 2002
    Posts
    2,232
    There are a couple of concerns you have to manage (as best as possible):

    Attack from a legitimate user which you can control through permissions/roles ...
    Attack from the outside (inside as well) - either using existing logins or using a security breach (like buffer overruns) to get in and/or escalate permission and/or execute anything within sql server.

    Just make sure that you keep up with the security patches for sql server and restrict access through permissions/roles.

  3. #3
    Join Date
    Feb 2002
    Posts
    2,232
    And I almost forgot - the sleeping dragon - sql injection attacks.

  4. #4
    Join Date
    Nov 2002
    Posts
    14

    SQL Database Intruders

    Could users that have data read/write permissions to a particular database change tables and data in the backend?


    Originally posted by rnealejr
    There are a couple of concerns you have to manage (as best as possible):

    Attack from a legitimate user which you can control through permissions/roles ...
    Attack from the outside (inside as well) - either using existing logins or using a security breach (like buffer overruns) to get in and/or escalate permission and/or execute anything within sql server.

    Just make sure that you keep up with the security patches for sql server and restrict access through permissions/roles.

  5. #5
    Join Date
    Nov 2002
    Posts
    14

    Running Trace(Profiler)

    How can I capture and send traces to a log file for the entire day?

    Originally posted by rnealejr
    There are a couple of concerns you have to manage (as best as possible):

    Attack from a legitimate user which you can control through permissions/roles ...
    Attack from the outside (inside as well) - either using existing logins or using a security breach (like buffer overruns) to get in and/or escalate permission and/or execute anything within sql server.

    Just make sure that you keep up with the security patches for sql server and restrict access through permissions/roles.

  6. #6
    Join Date
    Feb 2002
    Posts
    2,232
    Yes - You can either use the file or table option (as mentioned by paul young). Examine the grant permissions for your users as well as roles (including server/database).

    Do you think something is penetrating your database?

    Another item to catalog is to find out what queries are being run against your system and finding out what user logins are used. It is very possible that some applications may be using inappropriate logins (oh for example sa) which can open up your database.

  7. #7
    Join Date
    Nov 2002
    Posts
    14
    How can I find out what queries are being run against the database/system and find out what user logins are used?

    Originally posted by rnealejr
    Yes - You can either use the file or table option (as mentioned by paul young). Examine the grant permissions for your users as well as roles (including server/database).

    Do you think something is penetrating your database?

    Another item to catalog is to find out what queries are being run against your system and finding out what user logins are used. It is very possible that some applications may be using inappropriate logins (oh for example sa) which can open up your database.

  8. #8
    Join Date
    Feb 2002
    Posts
    2,232
    SQL Profiler is a performance drain - so be careful.

    Start a new trace -> event -> tsql -> sql:batchcompleted.

    Are you concerned about a possible threat to your system?

  9. #9
    Join Date
    Oct 2002
    Posts
    369

    Re: Running Trace(Profiler)

    As rnealejr mentioned, Profiler can be a significant performance drain.

    If you are interested in a complete packaged solution, you may wish to look at / test the Lumigent Entegra product:

    http://www.lumigent.com/Products/Ent...tm#performance

    While I have not tested their Entegra product, I previously tested demo versions of the Lumigent Log reading product (which was measurably less of a drain on performance than profiler for similar functions).
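
The trace described in posts #5 through #8 (SQL:BatchCompleted, written to a file for the whole day, showing which logins run which queries) can also be defined as a server-side trace, which avoids running the Profiler GUI. This is an added example, not code posted by anyone in the thread; the path `C:\Traces\daily_audit` and the 100 MB rollover size are assumptions.

```sql
-- Added example (not from the thread): server-side trace on SQL Server 2000.
-- Assumption: C:\Traces exists and is writable by the SQL Server service account.
DECLARE @rc int, @traceid int, @on bit, @maxsize bigint, @stoptime datetime

SET @on = 1                 -- sp_trace_setevent expects a bit variable
SET @maxsize = 100          -- MB per file before rolling over to a new file
-- Stop automatically at the next midnight, so one run covers the rest of the day
SET @stoptime = DATEADD(day, 1, CONVERT(char(8), GETDATE(), 112))

-- Option 2 = TRACE_FILE_ROLLOVER; ".trc" is appended to the file name automatically
EXEC @rc = sp_trace_create @traceid OUTPUT, 2, N'C:\Traces\daily_audit',
                           @maxsize, @stoptime
IF @rc <> 0
BEGIN
    RAISERROR('sp_trace_create failed, return code %d', 16, 1, @rc)
    RETURN
END

-- Event 12 = SQL:BatchCompleted; capture only the columns needed for the audit
EXEC sp_trace_setevent @traceid, 12, 1,  @on   -- TextData (the batch text)
EXEC sp_trace_setevent @traceid, 12, 3,  @on   -- DatabaseID
EXEC sp_trace_setevent @traceid, 12, 8,  @on   -- HostName
EXEC sp_trace_setevent @traceid, 12, 10, @on   -- ApplicationName
EXEC sp_trace_setevent @traceid, 12, 11, @on   -- LoginName
EXEC sp_trace_setevent @traceid, 12, 12, @on   -- SPID
EXEC sp_trace_setevent @traceid, 12, 14, @on   -- StartTime

EXEC sp_trace_setstatus @traceid, 1            -- 1 = start the trace
SELECT @traceid AS TraceID                     -- keep this id to stop it early
GO

-- After the trace has stopped: which logins, from which applications and hosts,
-- ran batches during the day (for example, applications connecting as sa).
SELECT LoginName, ApplicationName, HostName,
       COUNT(*)       AS Batches,
       MIN(StartTime) AS FirstSeen,
       MAX(StartTime) AS LastSeen
FROM ::fn_trace_gettable(N'C:\Traces\daily_audit.trc', DEFAULT)
WHERE EventClass = 12
GROUP BY LoginName, ApplicationName, HostName
ORDER BY Batches DESC
```

To stop the trace before midnight, run `EXEC sp_trace_setstatus <TraceID>, 0` followed by `EXEC sp_trace_setstatus <TraceID>, 2` to close and delete its definition.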
