Introduction to SQL Server 2000 Security - PowerPoint PPT Presentation

Introduction to sql server 2000 security
Download
1 / 28

  • 115 Views
  • Uploaded on
  • Presentation posted in: General

Introduction to SQL Server 2000 Security. Dave Watts CTO, Fig Leaf Software http://www.figleaf.com/. What’s this presentation about?. What kinds of security problems may occur with SQL Server? How can you configure your SQL Server to be secure?

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

Download Presentation

Introduction to SQL Server 2000 Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Introduction to sql server 2000 security

Introduction to SQL Server 2000 Security

Dave Watts

CTO, Fig Leaf Software

http://www.figleaf.com/


What s this presentation about

What’s this presentation about?

  • What kinds of security problems may occur with SQL Server?

  • How can you configure your SQL Server to be secure?

  • What do you have to do within your applications to keep SQL Server secure?


About sql server

About SQL Server

  • Lots of functionality

  • Easy to use and manage, compared to other products

  • Originally popular as a workgroup product, but aimed at enterprise use

  • Not “secure by default”

  • Not just used on “database servers”, but often bundled with other products


Security problems

Security problems

  • Buffer overflows – typically do not require authorization for success.

  • SQL injection – attacker can run arbitrary SQL commands through client application with rights of that application.


Security

Security

  • Installation and initial configuration

  • Network connectivity

  • Trusted and untrusted connections

  • Database logins, roles, and rights

  • Application security

  • Data validation


Installation and initial configuration

Installation and initial configuration

  • Service user accounts

  • Filesystem ACLs

  • Default roles and permissions within SQL Server

  • Control access to system and extended stored procedures

  • Drop sample databases


User accounts

User accounts

  • SQL Server and SQL Server Agent may run as SYSTEM, or as specific users.

  • SQL Server should run as a low-privilege local user account.

  • SQL Server Agent may need to be a domain account, if replication or other network functionality is being used.


User account configuration

User account configuration

  • During install, specific user accounts can be chosen.

  • The installer will grant those accounts the necessary rights to run SQL Server and related processes.

  • It will also grant filesystem and registry ACLs needed to run SQL Server.

  • You will need to create the accounts before installation.


Sql server 2000 on windows server 2003

SQL Server 2000 on Windows Server 2003

  • Requires SQL Server 2000 SP2 or higher.

  • During installation, you can’t choose a lower-privilege user account!

  • You will need to manually set ACLs and account rights yourself!

  • Documentation available on MS site, SQL Security site.


Network topology

Network topology

  • SQL Server should not be exposed on the public Internet.

  • If possible, it should only be available to the web server(s) using it and to internal administrative workstations.

  • If it needs to be exposed, exposure should be limited to specific IP addresses or through VPN.


User authentication

User authentication

  • SQL Server supports two types of connections:

    • Windows Authentication (“trusted”)

    • SQL Server logins (“untrusted”)


Trusted connections

Trusted connections

  • Generally recommended best practice.

  • Windows Authentication uses existing Windows accounts.

  • Takes advantage of built-in Windows security functionality:

    • Account management

    • Password management

    • Auditing


Trusted connections cont d

Trusted connections, cont’d

  • Windows Authentication uses the security context of the client process.

  • With CF, this means the CF service account would be used for authentication.

  • The Windows password is not transferred between the client and server.


Untrusted connections

Untrusted connections

  • Native SQL Server logins do not rely on Windows security.

  • Most CF applications use native SQL Server logins.

  • Usernames and passwords are passed as slightly obfuscated text.


Untrusted connections cont d

Untrusted connections, cont’d

  • SSL can be used between web server and database server to protect credentials from being sniffed.


Cf and sql server authentication

CF and SQL Server authentication

  • CFMX doesn’t support trusted connections with the included JDBC driver.

  • The latest version of DataDirect Connect for JDBC does support trusted connections.

  • Using trusted connections would require that the CF Server account have rights to all databases used by a web server.

  • Impractical unless hosting a single application, or using multiple instances.


Network connectivity

Network connectivity

  • Supported protocols

    • TCP/IP

    • IPX/SPX

    • Named Pipes

  • TCP/IP is MS recommended choice.

  • By default, connections between clients and servers use plaintext!


Demonstration

Demonstration

  • Viewing database connection information for untrusted connections


Encryption options for database connections

Encryption options for database connections

  • By default, connections between clients and servers use plaintext.

  • TCP/IP and SSL

  • Multiprotocol

  • CF 5 vs CFMX

    • CF 5 uses ODBC functionality

    • CFMX uses DataDirect JDBC drivers


Tcp ip default listening ports

TCP/IP default listening ports

  • TCP/1433 – client connections

  • UDP/1434 – discovery

  • TCP/2433 – client connections if “hide server” option enabled.

  • If named instances of SQL Server are installed, each will listen on a different, user-defined port instead of TCP/1433.


Ports cont d

Ports, cont’d

  • UDP/1434 can and should be blocked for production servers.

  • The server can be manually configured to listen on a port other than TCP/1433.

  • This will limit the effectiveness of worms attacking exposed servers.


Users and roles within sql server

Users and roles within SQL Server

  • PUBLIC should be denied access to database objects.

  • Create new logins for your applications, and grant them rights to specific tables and other database objects.


Roles

Roles

  • Server roles

    • sysadmin

    • backup

    • security admin

  • Database roles

    • db owner

    • db_datareader

    • db_datawriter


Sql injection

SQL injection

  • Attacker sends arbitrary SQL commands through your application.

  • Attacker uses error messages (or simply times results) to determine success.


Demonstration1

Demonstration

  • SQL injection attack


Input filtering

Input filtering

  • CFQUERYPARAM

  • Stored procedures


Resources

Resources

  • SQL Security:http://www.sqlsecurity.com/

  • MS Technet Security:http://www.microsoft.com/technet/security

  • DataDirect Connect for JDBC:http://www.datadirect-technologies.com/


Conclusion

Conclusion

  • If you have any questions, contact me:dwatts@figleaf.com

  • Thank you!


  • Login