About Me ·
At GROSSWEBER we practice what we preach. We offer trainings for modern software technologies like Behavior Driven Development, Clean Code and Git. Our staff is fluent in a variety of languages, including English.
I often see SQL Server 2000 installations where the server is left running under the SYSTEM account. This is not a good idea because if SQL Server gets compromised, the attacker will have full control over the machine. Even if the server is running under an account with Administrator or Power User rights similar risks arise. If the account in question is a domain account, the attacker will have access to other systems of your organization as well.
I suspect the root cause for these often-seen SYSTEM-level instances lies in the fact that the SQL Server 2000 setup program suggests running the SQL Server services under the SYSTEM account.
There are actually ways to run SQL Server 2000 under a Limited User Account without having to sacrifice functionality. The administrative tools of Windows and SQL Server will help you to accomplish better security for your server. The settings made below may be applied earlier during the setup program. However, I'll describe how to change them after the installation has finished.
That's it. Your SQL Server instance is now running with limited rights. In case an attacker is able to gain access to the server he will be constrained in his abominable deeds. A side note: This makes sense on development machines too. Deploying security not only on production servers is key to best practice development.
a@href@title, blockquote@cite, em, strike, strong, sub, sup, u
Page rendered at Monday, 27 March 2017 18:16:49 (W. Europe Daylight Time, UTC+02:00)
newtelligence dasBlog 2.3.257.0
© Copyright 2017, admin
The opinions expressed herein are my own personal opinions and do not represent
my employer's view in any way.