January 20, 2010 at 9:34 am
Taking on new MSSQL Server instance with several Off-the-Shelf App back-end DBs installed. Need to do forensics and documentation.
The former unofficial DBA or MSSQL server instance responsible party was Net Operations group and Mgr.
That person wants me as new DBA to document security and configuration for this instance.
There are a half dozen or so disparate applications running against back-end SQL Server Dbs (BlackBerry monitoring/Zenprise, ChangeAuditor/Quest, InTrust/Quest, TrackIt (Help Desk app), CMS software (Umbraco), etc.
How do I approach this task from forensic vantage point. Do I need to know the configuration/install creation of SS objects (Security, schemas, etc.) from the App installs? There are a bunch of violations of Best Practice Security for MSSQL on this instance. BIG TASK here...
Thanks for anyone's help.
Zee
SS DBA
General Dynamics
Atlanta, GA
January 20, 2010 at 10:53 am
Hi Zee,
Hard task, no doubt 🙂 When I had to do thing like this, I iterated: started from the big chunks to the smaller things. First: databases and logins: who can access which database, what's the level of access. Who are in any server roles, especially who are the sysadmins. If there are obvious violations, like application accounts are sa, try to catch the real need with profiler and restrict their permissions (be cautios and communicative here :). Then when everyone is in their own database, you can start looking for the finer things: schema modifications, etc.
Good luck!
-- Erik http://blog.rollback.hu
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply