SQL Server Security 1st Edition
|New from||Used from|
Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.
To get the free app, enter your mobile phone number.
From the Publisher
From the Back Cover
Protect your data from the most sophisticated hackers with hands-on examples and sure-fire measures in SQL Server Security
Understand the ways in which SQL Server can be hacked, and what you can do to prevent exploitation of your data. Install, administer, and program secure Microsoft SQL Server environments and applications. Assess your risk and threat levels when designing a secure system. Make sure your defensive strategies match the threat when considering encryption options. Extend your defenses to include security auditing and intrusion detection. Implementing the techniques in this indispensable security resource is as close as you can get to guaranteed prevention against hackers without turning off the power switch.
Covers the latest techniques:
- Install and configure your SQL Server environment for maximum security
- Build and maintain a robust and protected database server
- Protect valuable customer information, human resources data, and more
- Defend against application software vulnerabilities and configuration issues
- Ensure that access to data is only granted when appropriate
- Encrypt data into an unreadable form to preserve confidentiality
- Understand the mistakes that contributed to the spread of the SQL Slammer worm
- Rid your applications of SQL injection bugs
- Permit client applications to access the server securely
- Build and utilize an effective auditing and intrusion detection plan
- Paperback : 352 pages
- ISBN-10 : 0072225157
- Dimensions : 7.3 x 0.9 x 9.1 inches
- Item Weight : 1.39 pounds
- ISBN-13 : 978-0072225150
- Publisher : McGraw-Hill Education; 1st edition (September 12, 2003)
- Language: : English
- Best Sellers Rank: #4,153,998 in Books (See Top 100 in Books)
- Customer Reviews:
Top reviews from the United States
There was a problem filtering reviews right now. Please try again later.
In the "Acknowledgements," lead author Chip Andrews writes "I wanted this book to give security and database professionals the same readability, reference ability, and red-eyed wonder that 'Hacking Exposed' gave me a few years back." My favorite aspect of the HE line was the material's ability to explain attack and defense concepts while illuminating the internal operation of victimized systems. SSS follows this lead by devoting entire chapters to SQL Server components, like Network-Libraries (ch. 4) and Authentication and Authorization (ch. 5). My favorite sections appear in chapter 7, where the authors describe novel ways to leverage SQL Server's "C-2 auditing" features for purposes of intrusion detection.
SSS dispenses an immense amount of useful advice, whether it's a whole chapter on secure installation (ch. 3), best practices found in most chapters, or the appendices on stored procedures and integration with other Microsoft technologies. The only downside I found appears in chapter 2, where SQL samurai David Litchfield uses language outside the realm of most readers' understanding. For example, "the import address entry for GetProcAddress() in sqlsort.dll shifts by 12. With no SQL Server service pack, the address of the entry is at 0x42AE1010, and on SP1 and SP2, it is at 0x42AE101C" (p. 29). The uninitiated should skim this chapter and trust the authors when they claim SQL Server can be attacked by multiple means.
SSS is a must-buy if you operate SQL Server. It's the manual Microsoft forgot to ship.
Securing SQL is not rocket science, but it is easy to do wrong.
This book shows how to do it right.