#1 - Ten hacker tricks to exploit SQL Server systems
SQL Server hackers have a medley of tricks and tools to gain access to your database systems. Learn their techniques and test SQL Server security before they do.
#2 - Password cracking tools for SQL Server
When performing SQL Server penetration tests and security audits, there is one probe you must not miss: password cracking. Contributor Kevin Beaver identifies tools to check for password weaknesses.
#3 - Ten IIS tips to lock down SQL Server
IIS security measures can be implemented outside SQL Server to protect databases from malicious attacks. CISSP Kevin Beaver offers 10 Internet Information Server tips to harden SQL Server security.
#4 - Working with schemas in SQL Server 2005
If you're managing too many databases with too many objects, it may be time to take advantage of SQL Server 2005's ANSI SQL feature: schemas. Find out how schemas can help.
#5 - Introducing the SQL Server 2005 Surface Area Configuration tool
Managing and securing SQL Server 2005 services could be a nightmare if not for the Surface Area Configuration tool.
#6 - Configure Windows Firewall to allow SQL Server connections
To access a SQL Server instance on a computer protected by Windows Firewall, you must configure the security tool to receive incoming connections. This tip explains how.
#7 - Encryption enhancements in SQL Server 2005
SQL Server encryption was once cumbersome and incomplete, as it failed to secure data at rest. Not any more, says CISSP Kevin Beaver. He explains SQL Server 2005 encryption enhancements and best practices.
#8 - Discover and lock down vulnerable SQL Server services
Be sure to protect those "naked" SQL Servers -- databases unnecessarily exposed to internal and external hackers. Contributor Kevin Beaver explains how to test for vulnerable SQL Server services.
#9 - Tool to configure and lock down SQL Server 2005 services
The SQL Server 2005 Surface Area Configuration tool allows you to manually enable only the services you absolutely need, minimizing the attack surface.
#10 - Run SQL Server as a domain account for network access
Security-conscious administrators tend to run SQL Server with reduced privileges -- but don't make those privileges too restrictive or you may find SQL Server unusable.
More information from SearchSQLServer.com
This was first published in August 2006