O'Reilly logo

Seven Deadliest Microsoft Attacks by Naomi Alpern, Mike Borkin, Brian Barber, Rob Kraus

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

First Defensive Layer: Eliminating First-Layer Attacks

Executing many of the stored procedure attacks we have explained requires that you already have sysadmin-level access within SQL Server application. It is obvious that you can gain this level of authority by directly defeating SQL Server's security, but it can also come from attacking and defeating Windows itself. The key to eliminating first-layer attacks, therefore, is actually just following good security practices in regards to both Windows and SQL.

alt1 Note

Prior to SQL Server 2008, administrator-level access within SQL Server was automatically provided to the local administrators group of the Server (if it was set for either mixed mode or Windows authentication). This means that ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required