Introduction to sql server 2000 security
This presentation is the property of its rightful owner.
Sponsored Links
1 / 28

Introduction to SQL Server 2000 Security PowerPoint PPT Presentation


  • 93 Views
  • Uploaded on
  • Presentation posted in: General

Introduction to SQL Server 2000 Security. Dave Watts CTO, Fig Leaf Software http://www.figleaf.com/. What’s this presentation about?. What kinds of security problems may occur with SQL Server? How can you configure your SQL Server to be secure?

Download Presentation

Introduction to SQL Server 2000 Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Introduction to sql server 2000 security

Introduction to SQL Server 2000 Security

Dave Watts

CTO, Fig Leaf Software

http://www.figleaf.com/


What s this presentation about

What’s this presentation about?

  • What kinds of security problems may occur with SQL Server?

  • How can you configure your SQL Server to be secure?

  • What do you have to do within your applications to keep SQL Server secure?


About sql server

About SQL Server

  • Lots of functionality

  • Easy to use and manage, compared to other products

  • Originally popular as a workgroup product, but aimed at enterprise use

  • Not “secure by default”

  • Not just used on “database servers”, but often bundled with other products


Security problems

Security problems

  • Buffer overflows – typically do not require authorization for success.

  • SQL injection – attacker can run arbitrary SQL commands through client application with rights of that application.


Security

Security

  • Installation and initial configuration

  • Network connectivity

  • Trusted and untrusted connections

  • Database logins, roles, and rights

  • Application security

  • Data validation


Installation and initial configuration

Installation and initial configuration

  • Service user accounts

  • Filesystem ACLs

  • Default roles and permissions within SQL Server

  • Control access to system and extended stored procedures

  • Drop sample databases


User accounts

User accounts

  • SQL Server and SQL Server Agent may run as SYSTEM, or as specific users.

  • SQL Server should run as a low-privilege local user account.

  • SQL Server Agent may need to be a domain account, if replication or other network functionality is being used.


User account configuration

User account configuration

  • During install, specific user accounts can be chosen.

  • The installer will grant those accounts the necessary rights to run SQL Server and related processes.

  • It will also grant filesystem and registry ACLs needed to run SQL Server.

  • You will need to create the accounts before installation.


Sql server 2000 on windows server 2003

SQL Server 2000 on Windows Server 2003

  • Requires SQL Server 2000 SP2 or higher.

  • During installation, you can’t choose a lower-privilege user account!

  • You will need to manually set ACLs and account rights yourself!

  • Documentation available on MS site, SQL Security site.


Network topology

Network topology

  • SQL Server should not be exposed on the public Internet.

  • If possible, it should only be available to the web server(s) using it and to internal administrative workstations.

  • If it needs to be exposed, exposure should be limited to specific IP addresses or through VPN.


User authentication

User authentication

  • SQL Server supports two types of connections:

    • Windows Authentication (“trusted”)

    • SQL Server logins (“untrusted”)


Trusted connections

Trusted connections

  • Generally recommended best practice.

  • Windows Authentication uses existing Windows accounts.

  • Takes advantage of built-in Windows security functionality:

    • Account management

    • Password management

    • Auditing


Trusted connections cont d

Trusted connections, cont’d

  • Windows Authentication uses the security context of the client process.

  • With CF, this means the CF service account would be used for authentication.

  • The Windows password is not transferred between the client and server.


Untrusted connections

Untrusted connections

  • Native SQL Server logins do not rely on Windows security.

  • Most CF applications use native SQL Server logins.

  • Usernames and passwords are passed as slightly obfuscated text.


Untrusted connections cont d

Untrusted connections, cont’d

  • SSL can be used between web server and database server to protect credentials from being sniffed.


Cf and sql server authentication

CF and SQL Server authentication

  • CFMX doesn’t support trusted connections with the included JDBC driver.

  • The latest version of DataDirect Connect for JDBC does support trusted connections.

  • Using trusted connections would require that the CF Server account have rights to all databases used by a web server.

  • Impractical unless hosting a single application, or using multiple instances.


Network connectivity

Network connectivity

  • Supported protocols

    • TCP/IP

    • IPX/SPX

    • Named Pipes

  • TCP/IP is MS recommended choice.

  • By default, connections between clients and servers use plaintext!


Demonstration

Demonstration

  • Viewing database connection information for untrusted connections


Encryption options for database connections

Encryption options for database connections

  • By default, connections between clients and servers use plaintext.

  • TCP/IP and SSL

  • Multiprotocol

  • CF 5 vs CFMX

    • CF 5 uses ODBC functionality

    • CFMX uses DataDirect JDBC drivers


Tcp ip default listening ports

TCP/IP default listening ports

  • TCP/1433 – client connections

  • UDP/1434 – discovery

  • TCP/2433 – client connections if “hide server” option enabled.

  • If named instances of SQL Server are installed, each will listen on a different, user-defined port instead of TCP/1433.


Ports cont d

Ports, cont’d

  • UDP/1434 can and should be blocked for production servers.

  • The server can be manually configured to listen on a port other than TCP/1433.

  • This will limit the effectiveness of worms attacking exposed servers.


Users and roles within sql server

Users and roles within SQL Server

  • PUBLIC should be denied access to database objects.

  • Create new logins for your applications, and grant them rights to specific tables and other database objects.


Roles

Roles

  • Server roles

    • sysadmin

    • backup

    • security admin

  • Database roles

    • db owner

    • db_datareader

    • db_datawriter


Sql injection

SQL injection

  • Attacker sends arbitrary SQL commands through your application.

  • Attacker uses error messages (or simply times results) to determine success.


Demonstration1

Demonstration

  • SQL injection attack


Input filtering

Input filtering

  • CFQUERYPARAM

  • Stored procedures


Resources

Resources

  • SQL Security:http://www.sqlsecurity.com/

  • MS Technet Security:http://www.microsoft.com/technet/security

  • DataDirect Connect for JDBC:http://www.datadirect-technologies.com/


Conclusion

Conclusion

  • If you have any questions, contact me:[email protected]

  • Thank you!


  • Login