Post reply

Search and Secure

  • February 28, 2008 at 8:15 am

    #93217

    I have a new "opportunity" in my company. Identify all instances of SQL on the network and see which ones need to be secured. And present a plan on how you will approach this. I am really do like the opportunity but where and how to start.

    Here is what I came up with on the spot. I have Domain Admin rights.

    1.Search the net work using (OSQL /L) and (sqlcmd /L) creating a list of Servers ( I know that this will only get the ones listening not sure how to find the others yet) Identify weather they are a server version or not.

    2.Run Baseline Security Analyzer on all that I find.

    3.Check for valid accounts

    4.Review patch and Hot fix levels.

    This is very basic but it is what I came up with in the on the spot. If you have any suggestions or some script ideas that would help I would gladly like to hear them. Buying software at this point is not an option.

    Thanks in advance.


    Stacey W. A. Gregerson

  • February 28, 2008 at 8:37 am

    #783234

    Looks good. Be sure you contact the people before patching/remediating and ensure you don't break anything. And give them deadlines to correct actions.

    For #1, if you can or have something like SMS, I'd scan for service accounts rather the -L. It's more reliable and will probably find more instances.

  • February 28, 2008 at 8:45 am

    #783252

    We have SMS in the company but only on the Desktops and Laptops. It is a very good idea though. He is just hard to get time with but I will try.

    They more I read about security the more I know I have a lot to learn.:w00t:

    I need to hit some security training. This may be a nerver ending job.

    Thanks for your quick reply


    Stacey W. A. Gregerson

  • February 28, 2008 at 9:16 am

    #783308

    In the past I have used SQL Scan, part of the SQL Critical Update Kit. It was provided to help identify instances vulnerable to Slammer, but you can just use it to scan your domain.

    http://www.microsoft.com/downloads/details.aspx?FamilyID=9552d43b-04eb-4af9-9e24-6cde4d933600&displaylang=en

  • February 28, 2008 at 7:08 pm

    #783563

    My tool of choice for this sort of thing is SQLPing 3 from http://www.sqlsecurity.com/Tools/FreeTools/tabid/65/Default.aspx


    Scott Duncan

    MARCUS. Why dost thou laugh? It fits not with this hour.
    TITUS. Why, I have not another tear to shed;
    --Titus Andronicus, William Shakespeare

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply