信息安全加固手册-SQL-Server

Certifications, Compliance, and VulnerabilitiesSQL Server 2008 introduced additional enterprise-class security features and made considerable investments in capabilities that help provide a high level of security and compliance for organizations—built directly into the product. These investments contribute to Microsoft’s Trustworthy Computing initiative that defines the steps necessary to help support secure computing and helps you deploy and maintain a secure environment. Microsoft continuously works to ensure security vulnerabilities are minimal and pursues certifications and tools for SQL Server to help organizations meet security-related policies and regulations.Common Criteria CertifiedCommon Criteria certifications are officially recognized by an international agreement (the CCRA) by 25 countries that signed the agreement, including the United States and Japan. This certification is a third party verification of the extensive security of SQL Serv er 2008 and demonstrates Microsoft’s continued commitment to our customers’ security needs. For more on Common Criteria: /∙SQL Server 2008 Enterprise edition: EAL1+ for 32 and 64bitSQL Server 2008 completed an IT security evaluation at the Basic Assurance Level (EAL1+). This certification isparticularly significant in Japan where it makes SQL Server 2008 eligible for procurement tax discounts as a CCcertified DBMS.∙SQL Server 2008 Enterprise edition: EAL4+ (in progress)SQL Server 2008 is currently in process to complete the EAL4+ security evaluation. The certification officiallystarted in January 2009 and typically takes 18-24 months to complete. The US government requires databasesoftware purchases be CC certified at EAL4+ and recognizes the certification once the process begins.∙Previous certificationsSQL Server 2005 SP1 at EAL1 (32 bit Enterprise Edition)SQL Server 2005 SP2 at EAL4+ and compliant w/NSA DBMS Protection Profile V1.1 (32 bit Enterprise Edition)FIPS 140-2 CompliantFederal Information Processing Standards (FIPS) are recommended or mandated in federal government-operated IT systems in either the United States or Canada. SQL Server 2008 can be configured to run as a FIPS-compliant application when running on an operating system that uses a FIPS-140-2-validated Cryptographic Service Provider or other module that has been validated.Read more on FIPS-140-2: /kb/955720Evaluated for Payment Card Industry (PCI) Data Security Standard (DSS) ComplianceCertified audit firm, Parente Randolph, evaluated SQL Server 2008 for PCI compliance and provides guidance to customers on passing PCI audits. The key to complying with the standards is to ensure that Information Technology professionals maintain a suitable database platform to allow requirements to be met.Read the evaluation: Deploy SQL Server 2008 Based on PCI DSS Standards/lib/pdf/Deploying_SQL_Server_2008_Based_on_PCI_DSS.pdfEvaluated for HIPAA ComplianceHealth Information Portability and Accountability Act (HIPAA) governs health information privacy, security, organizational identifiers, and overall administrative practices. Organizations faced with HIPAA regulations can take advantage of SQL Server 2008 capabilities to help meet database-related compliance requirements.Read the evaluation: Supporting HIPAA Compliance with Microsoft SQL Server 2008/mssql2008hipaaFor more information:SQL Server Compliance Guide: /downloads/details.aspx?FamilyId=6E1021DD-65B9-41C2-8385-438028F5ACC2&displaylang=enSQL Server 2008 Key Security Features1.Transparent Data Encryption (TDE)Implementing encryption in a database traditionally involves complicated applicationchanges such as modifying table schemas, removing functionality, and significant performance degradations. TDE solves these problems by simply encrypting everything without requiring changes to the application.2.All Actions AuditedWith SQL Server 2008 you can create audits that will allow you to analyze the data usage patterns for the data in your database. With SQL Server 2008 you can audit not only changes to data but also which users are reading data. From a security standpoint this will allow you to see when a user who would normally have access to a certain set of data is accessing more than they should and take corrective action if necessary.3.Extensible Key ManagementExtensible key management works with transparent data encryption to separate the encryption key from thedatabase. With the growing demand for regulatory compliance and concern for data privacy, organizations can take advantage of 3rd party Hardware Security Modules (HSM) which store encryption keys on hardware or software modules away from the data for added security.4.Policy-Based ManagementPolicy-Based Management allows DBAs to define a set of policies that can control many different aspects of SQL Server. Policies can be applied to a single server or to groups of servers. Use Policy-Based Management to help manage and detect non-compliance with security polices for data across the enterprise.5.Clustering AuthenticationSQL Server 2008 clustering supports Kerberos authentication on a virtual server. Administrators are able to specify Microsoft Windows–style policies on standard logins so that a consistent policy is applied across all accounts in the domain.6.Surface Area ConfigurationSQL Server 2008 includes the SQL Server Surface Area Configuration Tool, which provides an intuitive graphical user interface (GUI) for configuring the server. Running this tool should be your first task after installing SQL Server. The tool opens with a brief explanation of its purpose, and a link to documentation. It includes a link to configure services and protocols and another to configure other features.7.Off By DefaultTo reduce the SQL Server 2008 surface area to unauthorized access after initial installation, a number of services have been turned off or set for manual start-up so no inadvertent access is granted. Services that are off by default include the Microsoft .NET Framework, Service Broker network connectivity, and HTTP connectivity for Analysis Services.Services that require manual intervention to start include SQL Server Agent, Full Text Search, and IntegrationServices, which can all be reset for automatic start-up.8.Surface Area Reduction and Advanced SecuritySQL Server 2008 provides rich security features to protect data and network resources. It is much easier to achieve a secure installation of the software, because all but the most essential features are either not installed by default or disabled if they are installed. SQL Server provides plenty of tools to configure the server. Its authentication features make it harder to get access to a server running SQL Server by integrating more closely with Windows authentication and protecting against weak or old passwords. Granting and controlling what a user can do when authenticated is far more flexible with granular permissions.SQL Server Vulnerabilities ComparisonMicrosoft, IBM, MySQL, and Oracle regularly report security vulnerabilities (or CVEs) to NIST National Vulnerability Database (/view/vuln/search ). Based on this reported information, the following is a historical representation of database security vulnerabilities reported by Microsoft, IBM, MySQL, and Oracle over the past 8 years.Database features alone should not be assessed to determine “security.” Organizations need to understand howvulnerable their database solution is from attacks —and not just external attacks, according to Forrester (March 2009), 70% of threats come from inside the enterprise. This means it’s no longer safe to assume that a database behind a firewall is protected and vulnerabilities or patching are not of concern.Notes : Update as of 4/20/2010. Vulnerabilities are included for SQL Server 2000 , SQL Server 2005 , SQL Server 2008. Oracle (8i, 9i, 9iR2, 10g,10gR2,11g), IBM DB2 (8.0, 8.1, 8.2, 9.0, 9.5), Query for Oracle was run with vendor name: ‘Oracle’ , and product name: ‘any’ (all database product name variations were queried) . Query for IBM DB2 was run with vendor name: ‘IBM’ , and product name: ‘db2.’ Query for MySQL was run with vendor name: ‘MySQL’, and product name: ‘Any.’ Query for Microsoft was run with vendor name: ‘Microsoft ‘ ; product name: ‘Microsoft SQL Server’; version name: ’Any’This chart counts NIST CVE – Software Flaws (Each CVE might include more than one Oracle vulnerabilities)20406080100120140160200220032004200520062007200820092010SQL Server Oracle DB2MySQL。

Microsoft SQL Server数据库系统配置安全基线标准与操作指南南京农业大学图书与信息中心2018年6月目录第1章概述 (1)1.1 安全基线概念 (1)1.2 文档编制目的 (1)1.3 文档适用范围 (1)1.4 文档修订 (1)第2章帐号与口令 (1)2.1 口令安全 (1)2.1.1 删除不必要的帐号 (1)2.1.2 用户口令安全 (1)2.1.3 帐号分配管理 (2)2.1.4 分配数据库用户所需的最小权限 (2)2.1.5 网络访问限制 (2)第3章日志 (3)3.1 日志审计 (3)3.1.1 登录审计 (3)3.1.2 安全事件审计 (3)第4章其他安全配置 (4)4.1 安全策略 (4)4.1.1 通讯协议安全策略 (4)4.2 更新补丁 (4)4.2.1 补丁要求 (4)4.3 存储保护 (5)4.3.1 停用不必要存储过程 (5)第1章概述1.1 安全基线概念安全基线是指满足最小安全保证的基本要求。

1.2 文档编制目的本文档针对安装运行Microsoft SQL Server数据库系统的服务器主机所应当遵循的基本安全设置要求提供了参考建议，供校园网用户在安装使用Microsoft SQL Server数据库系统提供数据存储服务过程中进行安全合规性自查、检查、加固提供标准依据与操作指导。

1.3 文档适用范围本文档适用于Microsoft SQL Server数据库系统的各类版本。

1.4 文档修订本文档的解释权和修改权属于南京农业大学图书与信息中心，欢迎校园网用户提供意见或建议，请发送至security@。

第2章帐号与口令2.1 口令安全2.1.1 删除不必要的帐号2.1.2 用户口令安全查看password 字段应不为null2.1.3 帐号分配管理2.1.4 分配数据库用户所需的最小权限2.1.5 网络访问限制在防火墙中做限制，只允许与指定的IP 地址建立1433 的通第3章日志3.1 日志审计3.1.1 登录审计3.1.2 安全事件审计打开企业管理器，查看数据库“管理”中的“ SQL Server第4章其他安全配置4.1 安全策略4.1.1 通讯协议安全策略4.2 更新补丁4.2.1 补丁要求级效果，再在实际运行环境更新数据库。

Microsoft SQL Server数据库系统安全配置基线中国移动通信公司管理信息系统部2012年 4月版本版本控制信息更新日期更新人审批人V1.0 创建2009年1月V2.0 更新2012年4月备注：1.若此文档需要日后更新，请创建人填写版本控制表格，否则删除版本控制表格。

目录第1章概述 (4)1.1适用范围 (4)1.2适用版本 (4)1.3实施 (4)1.4例外条款 (4)第2章帐号与口令 (5)2.1口令安全 (5)2.1.1删除不必要的帐号* (5)2.1.2SQLServer用户口令安全 (5)2.1.3根据用户分配帐号避免帐号共享* (6)2.1.4分配数据库用户所需的最小权限* (6)2.1.5网络访问限制* (7)第3章日志 (8)3.1日志审计 (8)3.1.1SQLServer登录审计* (8)3.1.2SQLServer安全事件审计* (8)第4章其他 (10)4.1安全策略 (10)4.1.1通讯协议安全策略* (10)4.2更新补丁 (10)4.2.1补丁要求* (10)4.3存储保护 (11)4.3.1停用不必要存储过程* (11)第5章评审与修订 (13)第1章概述本文档规定了中国移动通信有限公司管理信息系统部门所维护管理的SQL Server 数据库应当遵循的数据库安全性设置标准，本文档旨在指导系统管理人员或安全检查人员进行SQL Server 数据库的安全合规性检查和配置。

1.1 适用范围本配置标准的使用者包括：数据库管理员、应用管理员、网络安全管理员。

本配置标准适用的范围包括：中国移动总部和各省公司信息化部门维护管理的SQL Server数据库系统。

1.2 适用版本SQL Server系列数据库。

1.3 实施本标准的解释权和修改权属于中国移动集团管理信息系统部，在本标准的执行过程中若有任何疑问或建议，应及时反馈。

本标准发布之日起生效。

1.4 例外条款欲申请本标准的例外条款，申请人必须准备书面申请文件，说明业务需求和原因，送交中国移动通信有限公司管理信息系统部进行审批备案。

SQL Server 2000系统维护手册SQL Server 2000是微软公司的数据库产品，可以运新在Windows系列的操作系统上；是当前应用最广泛的数据库管理系统之一。

我公司开发的C/S结构的软件产品均以SQL Server 2000做数据库后台。

SQL Server 2000安装 (1)1.安装环境 (1)2.个人版安装 (2)二．系统调试 (9)1. "SQL Server 不存在或访问被拒绝" (9)2. 由于登录失败而无法启动服务 (10)3. 由于登录失败而无法启动服务 (10)4. 未与信任SQL Server连接相关联 (10)5. 安装的时候提示挂起 (12)三．常用操作 (13)数据备份 (13)数据还原 (15)数据库分离 (17)数据库附加 (18)收缩数据库 (19)四．数据库的转移、重装 (20)SQL Server 2000安装1.安装环境Sql Server 2000有很多版本，其中个人版本可以安装在主流的Windows操作系统中，包括：Windows 98，Windows Me，Windows 2000，Windows XP，Windows 2003等。

而企业版本只能安装在服务器版本的Windows环境下，比如：Windows NT、Windows 2000 server、Windows 2003等。

因此我们建议一般的应用，采用Sql server 2000个人版本即可。

Sql server 2000安装对硬件没有特别要求，但需要满足：处理器：Pentium 166 MHz 或更高。

内存 (RAM)：至少 64 MB，建议 128 MB 或更多。

硬盘空间：需要约500MB的程序空间，以及预留500M的数据空间。

2.个人版安装（一）运行personal目录下的“安装文件.BAT”文件或其它可执行文件，调出安装程序后，出现图一所示界面。

直接点击“下一步”。

浅谈SQL Server数据库的安全问题作者：王有伟来源：《信息安全与技术》2012年第03期【摘要】目前随着互联网的逐步发展，很多信息都是在互联网上进行交互，包括非常重要的信息。

如何保护互联网中数据库的安全，越来越成为人们关注的话题。

本文对数据库的安全机制进行了研究，重点分析目前流行的SQL Server数据库的安全机制，安全隐患，及其使用其数据库时候如何进行必要的安全保护。

【关键词】 SQL Server；数据库；安全Discussion Security Issues on SQL Server DatabaseWang You-wei(Rural Credit Cooperative of Shandong Jinan ShandongJinan 250001)【 Abstract 】 At present, with the gradual development of the Internet, lots of information is on the Internet interaction, including the very important information. Protecting the Internet database security becomes an important topic. This paper studies the database security mechanism, focus on the analysis of the popular SQL Server database's security mechanism, security, and when using the database how to perform the necessary safety protection.【 Keywords 】 SQL Server; database; security1 引言目前各种数据库的出现可谓层出不穷，而SQL Server数据库由于其优点众多，让其在数据库领域独占鳌头，成为最受用户欢迎的数据库系统。

SQL Server是微软公司的一款关系数据库管理系统，广泛用于企业级应用程序和全球信息站开发中。

2004年，SQL Server出现了一个安全漏洞，CVE编号为CVE-2004-2761。

该漏洞允许攻击者通过精心构造的SQL查询来执行未经授权的数据库操作，可能导致数据泄露、数据库瘫痪，甚至服务器被入侵。

以下是对该漏洞的详细解读：一、漏洞描述CVE-2004-2761是SQL Server的一个认证绕过漏洞。

在受影响的SQL Server版本中，当用户尝试使用FTP或HTTP上传文件时，攻击者可以通过夹带特定的SQL查询，绕过认证机制实现未经授权的数据库操作。

这种漏洞的存在可能会严重影响服务器的安全性和稳定性。

二、受影响的版本CVE-2004-2761影响的SQL Server版本包括但不限于：- Microsoft SQL Server 7.0- Microsoft SQL Server 2000- Microsoft SQL Server 2005- Microsoft SQL Server 2008三、攻击方式攻击者可以利用CVE-2004-2761漏洞，构造恶意的SQL查询，并将其夹带在FTP或HTTP上传的文件中。

当服务器接收到这些文件并解析时，恶意的SQL查询将被执行，从而导致数据库操作的未经授权执行。

四、潜在威胁CVE-2004-2761漏洞的潜在威胁包括但不限于：- 数据泄露：攻击者可以利用漏洞来获取数据库中的敏感信息，如用户账户、密码等。

- 数据库瘫痪：攻击者可能执行恶意操作导致数据库瘫痪，影响正常的业务操作。

- 服务器入侵：利用漏洞进行未经授权的数据库操作，最终可能导致服务器被入侵控制。

五、解决方案针对CVE-2004-2761漏洞，建议采取以下解决方案：1. 及时安装补丁：微软公司已发布针对该漏洞的安全补丁，建议及时对受影响的SQL Server版本进行升级和更新补丁。

2. 进行安全配置：对SQL Server进行安全配置，限制用户权限，避免恶意SQL查询的执行。

sql server 数据库的正确加密方法Encrypting data in a SQL Server database is a crucial step to ensure the security and confidentiality of sensitive information. Proper encryption methods can help prevent unauthorized access and protect the data from being compromised. There are various encryption techniques and algorithms that can be utilized to achieve a high level of protection for the data stored in a SQL Server database.在SQL Server数据库中加密数据是确保敏感信息安全和保密的重要步骤。

适当的加密方法可以帮助防止未经授权的访问，并保护数据免受损害。

有各种加密技术和算法可以用来实现对存储在SQL Server数据库中的数据的高级别保护。

One of the commonly used encryption methods in SQL Server is Transparent Data Encryption (TDE). TDE encrypts the data at rest, which means the data files and backups are encrypted, providing an additional layer of security. This method helps to protect the data from unauthorized access, in case the physical storage media (such as hard drives) are stolen or compromised.SQL Server中常用的加密方法之一是透明数据加密（TDE）。

Sqlserver 2008数据库安全设置方法目录一、服务器身份验证 (1)1.验证登录模式 (1)二、SQL Server服务的运行身份 (1)1.用户身份验 (1)三、sa密码的安全性 (1)1.修改sa的用户名 (1)四、端口相关问题 (2)1.修改端口号 (2)2. 卸载SQL的不安全组件 (2)3. 权限设置 (2)五、数据库安全策略 (3)1．使用安全的密码策略 (3)2．使用安全的帐号策略 (3)3．加强数据库日志的记录 (3)4．管理扩展存储过程……………………………………………………5．使用协议加密 (4)6．不要让人随便探测到你的TCP/IP端口 (4)7．修改TCP/IP使用的端口 (5)8．拒绝来自1434端口的探测 (5)9．对网络连接进行IP限制 (5)数据库安全设置方法一、服务器身份验证MSSQL Server 2008的身份验证模式有两种：一种是Windows 身份验证模式, 另一种是SQL Server和Windows身份验证模式(即混合模式)。

对大多数数据库服务器来说，有SQL Server 身份验证就足够了，只可惜目前的服务器身份验证模式里没有这个选项，所以我们只能选择同时带有SQL Server和Windows身份验证的模式(混合模式)。

但这样就带来了两个问题：1、混合模式里包含了Windows身份验证这个我们所不需要的模式，即设置上的冗余性。

程序的安全性是与冗余性成反比的。

2、所谓Windows身份验证，实际上就是通过当前Windows管理员帐户（通常为Administrator）的登录凭据来登录MSSQL Server。

使用Windows身份验证，会增加Administrator密码被盗的风险。

为解决以上两个问题，我们需要限制混合模式里的Windows身份验证。

方法如下：打开Microsoft SQL Server Management Studio，点击安全性->登录名，将Administrator对应的登录名删除即可。