Three steps to safer SQL
Posted by: killersoul
on: Thursday, December 12, 2002 - 04:35 AM GMT

Vulnerability exploits against SQL implementations are becoming more popular in the attacker community. Don't wait. Take these three steps towards safer SQL.

In the past year, we have seen a large increase in the number and severity of attacks against our enterprise databases. Here's a quick checklist to follow or audit against to make sure your SQL servers are better protected.

1. Change your SQL password

By default, most installations set the SQL administrator password to either null or to 'sa'. Attackers know this and will commonly use this vulnerability to compromise not just the database or server, but the entire network. Your SQL server password must meet or exceed the complexity requirements of your site's existing password policy. Remember, SQL often runs with the highest system authority, so protecting this account from password guessing is akin to protecting one of the crown jewels. Compromise of the SQL account can have vast and devastating effects.

2. Patch your SQL server software

Patches come out for a variety of reasons, such as functional fixes and security. You must keep your SQL server patched to the current level. It is just as important as keeping your operating system and anti-virus software up to date. Vulnerability exploits against SQL implementations are becoming more and more popular in the attacker community.

3. Ensure that adequate input validation is in place on all SQL applications

If your web site uses a SQL backend, even for simple authentication, you must make sure information passed to the SQL server is clean of embedded SQL commands and redirections. For specific information on SQL server input validation mechanisms, check out the SQL security FAQ at http://www.sqlsecurity.com/faq-inj.asp.
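The authentication case from step 3, as an added example that is not part of the original article: the same login check written with user input pasted into the statement, and again with an allow-list check plus a bound parameter. It uses Python's built-in sqlite3 in place of a SQL server; the table, function names and sample credentials are hypothetical.

```python
import hashlib
import hmac
import re
import sqlite3

USERNAME_RE = re.compile(r"[A-Za-z0-9_.-]{1,32}")  # allow-list for login names
HOSTILE_NAME = "alice' --"  # constructed input: a quote plus an SQL comment marker

def hash_pw(password):
    # Plain SHA-256 keeps the demo short; production code needs a salted, slow KDF.
    return hashlib.sha256(password.encode()).hexdigest()

def make_db():
    # Constructed sample data: in-memory table standing in for the site's user store.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, pw_hash TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("alice", hash_pw("correct horse")))
    return db

def login_unsafe(db, name, password):
    # Weak form: input is pasted into the statement text, so a quote in `name`
    # ends the string literal and the rest is parsed as SQL.
    sql = "SELECT 1 FROM users WHERE name = '%s' AND pw_hash = '%s'" % (
        name, hash_pw(password))
    return db.execute(sql).fetchone() is not None

def login_safe(db, name, password):
    # First, validation: reject anything outside the expected alphabet and length.
    if not USERNAME_RE.fullmatch(name):
        return False
    # Second, a bound parameter: the value travels separately from the SQL text.
    row = db.execute("SELECT pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], hash_pw(password))

def compare(name, password):
    # Returns (unsafe_result, safe_result) for the same credentials.
    db = make_db()
    return login_unsafe(db, name, password), login_safe(db, name, password)

if __name__ == "__main__":
    print(compare("alice", "correct horse"))  # valid login
    print(compare(HOSTILE_NAME, "wrong"))     # hostile name, wrong password
```

The bound parameter is what keeps input from being parsed as SQL; the allow-list is a second layer that rejects malformed names before they reach the database.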

That's it. Follow these three steps and you will repel a great many SQL attacks. For deeper security improvements of SQL installations, you should check out the SANS reading room for articles such as http://rr.sans.org/win/SQL_sec.php, which explains SQL security baselines and functionality.





 
