Threat profiliing Microsoft SQL Server
This document is an excellent overview of the security vulnerabilities with SQL Server. This is a must read for any dba out there that is trying to decide which authentication mode to use.
Personally, I rarely recommend using SQL Server Authentication. I've seen developer's tell their dba they MUST use SQL Server Authentication for programming - only because all the examples you see in books and online use "sa" with no password. I am shocked at the number of systems I have seen setup this way. Don't fall into this trap. Take the extra time to learn how to use Windows Authentication via code. This article should open your eyes to the real threats.
Tuesday, December 07, 2004
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment