|
Home > Archive > MS SQL Server > March 2006 > SS2000 setup
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Dan D. 2006-03-05, 8:24 pm |
| Someone else installed SS on what is to be a production server that we want
to be as secure as possible. I'm wondering about some of the settings for the
server.
On the tab for "connections" under the server properties, wouldn't it be
more secure to not allow other SQL Servers to connect remotely to this SQL
Server? I can't think of any reason now why we would need this.
Under network configuration "named pipes" as well as "tcp/ip" are enables. I
think these are the defaults during installation but wouldn's it be more
secure to remove "named pipes" if we're not using it?
Thanks,
--
Dan D.
| |
| John Bell 2006-03-05, 8:24 pm |
| Hi Dan
Yes to both. In general don't allow anything you don't need.
The following is a check list you may want to look at:
http://www.sqlsecurity.com/FAQs/ SQ...57/Default.aspx
You may also want to look at the lockdown script
http://www.sqlsecurity.com/Tools/Lo...64/Default.aspx
Also run MBSA to see if it finds something you have missed.
John
"Dan D." wrote:
> Someone else installed SS on what is to be a production server that we want
> to be as secure as possible. I'm wondering about some of the settings for the
> server.
>
> On the tab for "connections" under the server properties, wouldn't it be
> more secure to not allow other SQL Servers to connect remotely to this SQL
> Server? I can't think of any reason now why we would need this.
>
> Under network configuration "named pipes" as well as "tcp/ip" are enables. I
> think these are the defaults during installation but wouldn's it be more
> secure to remove "named pipes" if we're not using it?
>
> Thanks,
>
>
>
>
> --
> Dan D.
| |
|
|
|
|
|