Database Hardening

All Replies

• 

  

  0

  Sign In to Vote

  You can refer to below links,

  http://msdn.microsoft.com/en-us/library/ff648664.aspx

  http://blogs.msdn.com/b/data_otaku/archive/2011/06/21/harden-the-database-server.aspx

  http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/bb6afc6b-5780-490b-9780-9759f66854eb

  ---

  Thanks & Regards RAJUKIRAN L Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers.

  Wednesday, May 29, 2013 12:19 AM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  Hi Kccrga

  Don't for get to search if there is already some documents followed by ur company. Those will be exactly as per ur business requirement.

  ---

  Thanks Saurabh Sinha

  http://saurabhsinhainblogs.blogspot.in/

  Please click the Mark as answer button and vote as helpful if this reply solves your problem

  
  

  Wednesday, May 29, 2013 4:58 AM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  Can we restrict INFORMATION_SCHEMA and SYS access to general users?

  Wednesday, May 29, 2013 5:57 AM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  Try below,

  DENY SELECT On SCHEMA::sys To [user_name]
  DENY SELECT On SCHEMA::INFORMATION_SCHEMA To [user_name]

  ---

  Thanks & Regards RAJUKIRAN L Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers.

  Wednesday, May 29, 2013 6:23 AM

  Reply

  |

  Quote

  |
• 

  

  1

  Sign In to Vote

  Can we restrict INFORMATION_SCHEMA and SYS access to general users?

  No. There are APIs that query the catalog views, and you would run into trouble if you tried to keep users out.

  Note that the views in these schemas are locked down by themselves. A user with no permission who queries sys.objects will see the system objects, but no user-defined tables, stored procedures etc.

  ---

  Erland Sommarskog, SQL Server MVP, [email protected]

  Wednesday, May 29, 2013 9:41 PM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  Is there any system views which can be restricted from normal users for SQL hardening?

  Wednesday, May 29, 2013 10:41 PM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  A user have very few default permissions, but there is one permission you can revoke and that is VIEW ANY DATABASE. Then users can not list available databases on the system. They can only see the system databases  and databases they own. They will have to know the names of the database they may access.
  

  ---

  Erland Sommarskog, SQL Server MVP, [email protected]

  Thursday, May 30, 2013 9:31 PM

  Reply

  |

  Quote

  |
• 

  

  0

  Sign In to Vote

  Hi ,

  As per hardening is concerned ..SQL server is itself hardened and secured in almost all ways( if updated with latest SP)..features which you enable and disable makes you SQL server vulnerable..AS suggested by Saurabh ref to your business requirement and then take steps..If u search on google u can find many doc which which ask u to disable many features but that shud not do good...you have to create your own best practice doc considering your environment...

  Below is link on Social MSDN  which had same discussion

  http://social.msdn.microsoft.com/Forums/en-US/sqlsecurity/thread/04623eb1-4fbc-437b-8e6b-d63fad8f8db9

  ---

  Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers

  Saturday, June 01, 2013 8:14 AM

  Reply

  |

  Quote

  |