Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a class called Planning and Auditing of Information Systems and I came upon a exam question that goes like this:
Why is it not recommended to use "SQL Server and Windows authentication mode" for authenticating to a Microsoft SQL database?
I searched the literature I have for this and googled it but I wasn't able to find a definitive answer for this question. Does anyone know what this question could be aiming at?
When a SQL Server instance is brought up using Mixed authentication, the "sa" logon is enabled with complete sysadmin privileges and is given a password (hopefully a very strong one). The "sa" account is a common point of attack.
A hacker with access to an instance's "sa" account not only has all the data on the compromised instance and any linked servers, he also wields the power of the service account which the instance is running under by using xp_cmdshell to call PowerShell scripts among other things. Many organizations do not follow best practices for service accounts, and they will have their entire production environment running under one or two service accounts. This makes the "sa" account a very attractive point of attack for a hacker.
Under Windows authentication, the "sa" logon is disabled. This is probably what your exam question is looking for.
Mike Walston's points are also very true.
This is just my opinion, of course, but the reason it isn't recommended is that you end up having 2 different sets of users that have to be maintained and monitored at all times. In the real world this usually ends up with one of those two groups being neglected or not properly maintained, oftentimes because the sysadmins maintain the Windows Auth users and the DBAs maintain the SQL Server users. This inconsistency can lead to security concerns, or issues where users end up with both a Windows Auth username/password and a SQL Server username/password. When deactivating users sometimes only one of the two accounts will get deactivated, leading to a possible security issue.
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 months ago.
Improve this question
I'm stuck with this problem. I have an Azure subscription for my domain with two Azure VMs named DBServer1 and DBServer2. Each of them hosts a default SQL Server instance. DBServer1 is in the East US Azure region and contains a database named Database. DBServer2 is in the West US Azure region.
How do I configure the primary and secondary endpoints, and what availability mode I need to set?
Also Is there any reliable resource where I can find questions with answers based on Administering Microsoft Azure SQL Solutions?
You can configure the primary endpoint as TCP://DBServer1.contoso.com:5022 and the the secondary endpoint as TCP://DBServer2.contoso.com:5022.
As both DBservers are not in the same region, you need to use async commit. Otherwise delay will cause application issues.
I recommend you read through this article: https://learn.microsoft.com/en-us/azure/azure-sql/virtual-machines/windows/availability-group-overview?view=azuresql
The biggest difference with on-prem is:
Load balancer that is needed in Azure
All nodes inside your cluster need to be a member of an availability set
I also recommend using striped volumes for your SQL files to foresee better performance: https://learn.microsoft.com/en-us/gaming/azure/game-dev-virtual-machine/striped-disks-iops
Here is the resource for practicing the Azure SQL solutions: https://www.study4exam.com/microsoft-exams
Scenario-based questions will help you understand the concepts easily.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I'm trying to setup a Windows 2012 Server that allows for more than 2 users to access it through remote desktop at the same time.
I know I need User/Device RDP CALs for it and I already have 4 them installed/activated and they show up on the RD Licensing Manager, I also have the Remote Desktop Services role installed.
However whenever a third user tries to connect through Remote Desktop he is asked to disconnect another user.
I saw some similar questions being asked here but no answers unfortunately.
For 2012, you need the entire environment to get close to a UI, the tool we all knew and at least like is gone. The GUI is sort of available if you have the full environment with a connection broker.
You should have gotten a grace period after setup where you could use the terminal server, but after a period it has to talk to the license server, but there's no way to tell it where the license servers is like before. You can do it with group policy - Administrative Templates\Windows Components/Remote Desktop Services/Remote Desktop Session Host/Licensing.
From there you can set the licensing mode and the licensing server. The server should then see the licenses and go back to session host and not just administrative remote desktop.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
I hope this question is not too broad. I am still doing research, but I was hoping to get opinions from some experts. We are a software provider and our flagship software is accessed through a portal - our SQL servers (active-active-passive cluster) are safely nestled behind our firewalls and only accessed via our application. We have a very large client looking to do an offshoot and wants direct read-only access to their database. This is something we have not done before and makes us nervous. I am hoping for some guidelines to securing SQL server for the internet.
I should say that our cluster contains hundreds of client databases, only one of which will be accessed through this internet connection. We are open to adding additional hardware or software layers if necessary. This is SQL 2005.
Thanks all.
Basically you need to get a VPN established between your site and their's. That way you can hook them up to your local network.
The VPN you use should be capable of allowing you to expose access only to the database server itself.
Once you have that, then make sure you setup a specific database user that only has rights to the actual database they need.
If VPN is not an option most firewalls will allow you to setup a policy to a specific inbound ip on a specific port where the remote client static ip has to be in the ip exception list. this way the remote client would only have access to that specific SQL instance. You would then need to create a SQL user only under the "public" server role. then you would need to go user mapping and give that user access to their database only and give them "db_denydatawriter" and "db_datareader" you would probably also want to take away access from listing other databases so that they don't know who your clients are if you use descriptive names for your clients databases. that can be done under securables under securables. you would have to click search and select "this server" The "permision" us called "view any database". of course you would need SQL authentication for this to work. keep in mind that a client that is not experienced in SQL performance could lock tables, indexes, etc... with poor queries. a list of sprocs written by your shop might be the way to go.
here is an example to get you started.
USE [master]
GO
CREATE LOGIN [remoteuser] WITH PASSWORD=N'test', DEFAULT_DATABASE=[CLIENTDB], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO
USE [CLIENTDB]
GO
CREATE USER [remoteuser] FOR LOGIN [remoteuser]
GO
USE [CLIENTDB]
GO
EXEC sp_addrolemember N'db_datareader', N'remoteuser'
GO
USE [CLIENTDB]
GO
EXEC sp_addrolemember N'db_denydatawriter', N'remoteuser'
GO
use [master]
GO
DENY VIEW ANY DATABASE TO [remoteuser]
GO
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
Is it possible to password protect an SQL server database even from administrators of the server?
I am hosting my database on SQL Server 2008 on a windows 7 machine. The Windows 7 machine and the SQL Server 2008 are controlled and administered by third party admins.
I have sensitive information in my database.
How do I secure my database, so that the third party admins do not look at the sensitive data?
Is there any way to restrict the third party admins from copying the stored procedures, table designs etc.
Only to a limited degree.
If they are administering the actual SQL Server Instance as well they have the "keys to the kingdom". They can view the definitions of every object, make changes to the definitions or the data, and do virtually anything else. Even if they merely have admin rights on the machine but not the server, they can get admin on the server through certain techniques which are generally considered valid rather than bugs or exploits. It is after all their server and the server will obey them.
In a situation like this, you need to be able to trust those admins at least to a degree. If you cannot trust them, you should ideally not be hosting with them at all, and if you can't trust them and must host with them, try to get your own VM where you can at least apply some additional security and auditing.
There are a few things you can do though, but none are completely effective.
The first is encryption. If you meet all the requirements and set it up properly, SQL's transparant data encryption can prevent an admin without the keys from reading the data (but they can still see the structure!) in the database. This is quit effective at protecting the actual data (but not the structure) but is difficult to set up properly.
You can use the "with encryption" option to protect your stored procedures. This is very weak protection and its very easy to get around this. But it at least sends a strong message to the curious that you don't want them looking and makes them jump through some hoops.
Traces and auditing will also help you determine what happened and see if they did anything, but those come at a performance price.
Hi there is no perfect defense for this issue you have to follow some steps to protect up to some extent like
If you don't want any people in the admin group on the server to be able to access the database, then remove the "BUILTIN\Administrators" user on the server.
Enable auditing
Enable Encryption
Use third party tools at io level that block crud to the database unless a password is provided
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
SSMS (SQL Server Management Studio) has saved 3 login information on my computer. However, when I tell it to remeber the 4th login info, it simply won't remember anything next time.
This means that each and every time I want to connect using that Login, I should provide user name and password, and this really sucks.
Do you know how can we manage saved login information of the login Dialog?
I filed a bug about this issue, that we can't manage that MRU list:
SSMS : Expose "Connect to Server" MRU list to users
They've fixed the issue where you had to either deal with the list you have or purge the entire thing by deleting mru.dat or SqlStudio.bin. But they haven't really made the list any more manageable. I've asked the author of a popular free add-in about extending his tool to support this functionality and he's potentially going to look into it.
In the meantime, if you really want to have many (most complain about the opposite, too many redundant entries in the list), you should just create four different registered servers, and connect to them from the Registered Servers node in Management Studio. This is much easier than trying to identify which 127.0.0.1 credentials you want to connect to - much easier to name your registered servers 127.0.0.1/login-name for much quicker recognition.
If you want to be able to identify a server and login by server name alone, then maybe you could add entries to your hosts files that all point to 127.0.0.1, but look like 'local.login1' and 'local.login2'... you should be able to save each of these connection entries separately because Management Studio will treat them all as different servers, even if they ultimately point to the same instance of SQL Server.