SoFunction
Updated on 2025-04-13

Improvements to SQL Server security system

To make the database more resistant to intrusion, you need to take a few steps. Some are simply part of good server management, such as keeping SQL Server patched; others involve supervising users while the server is in use. Here are five steps:

Check for the latest service pack

Make sure you always have the latest service pack. For SQL Server 2000, this is SP3a. Remember that service packs are cumulative; if you apply SP3a, you do not have to apply the service packs before it, such as SP3, SP2 or SP1. SP3 is a special service pack. Once installed, it no longer uses any previous upgrade programs, but it requires that SP1 or SP2 is already installed.

Subscribe to security alerts

Although service packs protect your SQL Server database from many threats, they cannot keep pace with fast-moving security problems such as worms. Sign up for Microsoft's free security notification service, which emails you about new threats to your systems and how to fix them.

Run Microsoft Baseline Security Analyzer (MBSA)

This tool covers SQL Server and the MSDE 2000 desktop engine. It can be run both locally and over the network. It examines passwords, access permissions, access control lists and the registry to find missing security patches or service packs. You can find relevant information on TechNet.

Delete SA and old passwords

One of the security mistakes people often make is not changing the system administrator (SA) password. It is also easy to overlook the installation files and leftover configuration information, which contain poorly protected authentication information and other sensitive data that can be attacked. You must delete the old installation files in the Program Files\Microsoft SQL Server\MSSQL\Install or Program Files\Microsoft SQL Server\MSSQL$Install folders. Similarly, use the KILLPWD tool to find old passwords and delete them.

Monitoring connections

Connections can tell you who is trying to get into SQL Server, so monitoring connections is a good way to keep your database safe. On a large, busy SQL Server there may be too much connection data to monitor, but monitoring failed connections is necessary because they may represent attempts to break in. You can log failed connections from Enterprise Manager:

1. Right-click the server and select Properties.
2. Click the Security tab and select Failure under Audit Level.
3. Stop and restart the server so that auditing starts.
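Logging failed connections only helps if someone reviews them. The following is an added example, not part of the original article: it scans error-log text for failed logins and flags any login with a burst of failures in a short window. The log line layout, the sample lines, the threshold and the function names are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed error-log layout: "<date> <time> <source> <message>".
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+\S+\s+"
    r"Login failed for user '([^']*)'")

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
2003-06-02 09:14:01.12 logon     Login failed for user 'sa'.
2003-06-02 09:14:03.40 logon     Login failed for user 'sa'.
2003-06-02 09:14:05.77 logon     Login failed for user 'sa'.
2003-06-02 09:14:06.02 spid51    Starting up database 'pubs'.
2003-06-02 09:14:08.31 logon     Login failed for user 'sa'.
2003-06-02 09:14:09.90 logon     Login failed for user 'sa'.
2003-06-02 11:30:12.05 logon     Login failed for user 'webapp'.
2003-06-02 16:45:55.60 logon     Login failed for user 'webapp'.
"""

def parse_failed_logins(text):
    """Return (timestamp, login) for each failed-login line; skip other lines."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
            events.append((ts, m.group(2)))
    return events

def find_bursts(events, threshold=5, window=timedelta(minutes=1)):
    """Return {login: peak failures inside one window} for logins at or over threshold."""
    by_login = defaultdict(list)
    for ts, login in sorted(events):  # sorted once, so each list is in time order
        by_login[login].append(ts)
    flagged = {}
    for login, times in by_login.items():
        start = peak = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:  # slide the window start forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[login] = peak
    return flagged

if __name__ == "__main__":
    print(find_bursts(parse_failed_logins(SAMPLE_LOG)))
```

In the sample, the five rapid failures for one login are flagged, while the two failures for the other login, hours apart, are not.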