Skip to content

SQL Server Security

Spend $50 to get a free DVD!

ISBN-10: 0072225157

ISBN-13: 9780072225150

Edition: 2003

Authors: Chip Andrews, David Litchfield

List price: $55.00
Blue ribbon 30 day, 100% satisfaction guarantee!
Buy eBooks
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

Description:

This volume provides in-depth coverage of the installation, administration, and programming of secure Microsoft SQL Server environments and applications. It includes expert advice on how to defend against network-based attacks as well as little-known security holes such as SQL-injection.
Customers also bought

Book details

List price: $55.00
Copyright year: 2003
Publisher: McGraw-Hill Education
Publication date: 9/12/2003
Binding: Paperback
Pages: 352
Size: 7.50" wide x 9.00" long x 1.00" tall
Weight: 1.540
Language: English

Acknowledgments
Introduction
SQL Server Security: The Basics
SQL Server History
Editions of SQL Server
General Database Security
SQL Server Security Vulnerabilities
Under Siege: How SQL Server Is Hacked
Picking the Right Tools for the Job
Data or Host?
Attacks that Do Not Require Authentication
Attacks That Require Authentication
Resources
Code Listing 1
Code Listing 2
Code Listing 3
SQL Server Installation Tips
Planning an Installation
Operating System Considerations
Running the Installer
Locking Down the Server
Checklist
The Network-Libraries and Secure Connectivity
Client/Server Connectivity
Secure Sockets Layer
SQL Server Network-Libraries
Configuring Connections
Best Practices
Authentication and Authorization
Authentication
Authorization and Permissions
Syslogins, Sysprotects, Syspermissions, and Other Mysteries
Best Practices
SQL Server in the Enterprise
SQL Server Replication
Multiserver Administration
Active Directory Integration
Auditing and Intrusion Detection
Case Study
SQL Server Auditing
SQL Server Alerts
Data Encryption
Encryption Explained
Hashing Algorithms
Salts
Key Management
Built-In Encryption Functions
Encrypting Custom Stored Procedures
Encrypting SQL Server Table Data
Encrypting SQL Server Network Traffic
Middle-Tier Encryption
Third-Party COM Components
CryptoAPI
SQL Injection: When Firewalls Offer No Protection
SQL Injection Basics
Case Study: Online Foreign Exchange System
Advanced Topics
SQL Injection Defense
Best Practices
Secure Architectures
Defense In Depth
Security Requirements
Planning
Development
Testing
Deployment
Maintenance
System and Extended Stored Procedure Reference
Limiting the Risks of Stored Procedures
Stored Procedure Attack Strategies
High-Risk System and Extended Stored Procedures
Defensive Strategies
Additional Technologies that Impact SQL Server Security
Visual Studio, Microsoft Office, and COM Connectivity Tools
SQL Server Mail Interfaces
Internet Information Server Integration
SQL Server Developer and Administrator Tools
Connection Strings
Properties
Sample Connection Strings
Where to Place Connection Strings
Security Checklists
SQL Server Version Checklist
Post-Install Checklist
Maintenance Checklist