Mike Beaver's Tech Support Page 3

Interesting and Useful A - F F - K L - P P - Y Questions Articles and Find a Hypnotist SQL Security Major SQL Security Pages SQL Security Injection
SQL Injection Attacks: Are You Safe?	Beware SQL Injection in Web Applications
General SQL Security Articles
Chapter 14 – Building Secure Data Access Locking down SQL Server (ZDNET) Make Your SQL Servers More Secure INFO: Accessing SQL Server with Integrated Security from ASP If you use SQL Server Authentication, also known as Standard	Security, to install your SQL Server, the system administrator (sa) password may be stored in clear text, or in an encrypted readable format in the SQL Server setup files. If so then you will want to read FIX: Service Pack Installation May Save Standard Security Password in File, which tells you about KillPwd.exe, which will remove these passwords.
SQL Server Security Bulletins
Microsoft Security Bulletin MS02-020: SQL Extended Procedure Functions Contain Unchecked Buffers (Q319507)	CERT® Advisory CA-2002-22 Multiple Vulnerabilities in Microsoft SQL Server
SQL Server 2000 Security
Guide to the Secure Configuration and Administration of Microsoft SQL Server 2000 (NSA) SQL Server 2000 Security - Part 1 (Net Libraries) Security on TechNet 10 Steps to Help Secure SQL Server 2000 SQL Server Security Modes SQL Server 2000 Security SQL Server 2000 Security White Paper SQL Server 2000 C2 Evaluation SQL Server 2000 C2 Administrator's and User's Security Guide SQL Server 2000 Resource Kit Chapter 10 - Implementing Security	SQL Server 2000 Operations Guide Chapter 3 - Security Administration SQL Server 2000 Administrator's Pocket Consultant Chapter 5 - Microsoft SQL Server 2000 Security SQL Server 2000 SP3 Security Features and Best Practices: Implementation of Server Level Security and Object Level Security Security Models and Scenarios for SQL Server 2000 Windows CE Edition 2.0 SQL Server HOW TO: Change the SQL Server Service Account Without Using SQL Enterprise Manager in SQL Server 2000
SQL Server 7 Security
Microsoft SQL Server 7.0 Security Introduction Developer Q&A: SQL Server 7.0 Security SQL Server 7.0 Security Melds With Windows NT	SQL Server 7.0 Security White Paper SQL Server 7.0 Resource Guide Chapter 16 - Product Security SQL Server 7.0 Administrator's Companion Chapter 7 - Managing Security
Maintenance
SQL Server Security Bulletins on Microsoft TechNet Microsoft's Qchain tool chains hotfixes together so that only one reboot is required when installing several fixes. Microsoft Security Notification Service is a free email notification service that Microsoft uses to send information to subscribers about	the security of Microsoft products. The Baseline Security Analyzer scans and evaluate the security of your SQL Server. Best Practices for Applying Service Packs, Hotfixes, and Security Patches.
Back to Mike Beaver's Hypnotherapy Home Page