Security Basics mailing list archives
Re: Creating a checklist for SQL Server 2000
From: "Justin Ross" <RossJ () sddpc org>
Date: Fri, 23 Feb 2007 10:10:46 -0800
This should help. There are a variety of pretty good checklists and tools (which autocheck the settings mentioned in the checklist) available from NIST/DOD Checklist Homepage http://iase.disa.mil/stigs/stig/index.html Download Package http://iase.disa.mil/stigs/checklist/database-stig-v7r2.pdf justin.ross CCNA, MCSE, CCSE, CISSP
"Pranav Lal" <pranav.lal () gmail com> 2/22/2007 2:50:40 AM >>>
Hi all, I have been asked to get a checklist for SQL server 2000. I have found material at the following locations; http://www.nsa.gov/snac/db/mssql_2k.pdf http://msdn2.microsoft.com/en-us/library/aa302337.aspx http://www.sans.org/reading_room/whitepapers/application/1273.php?portal=3323855d672e12e0e1e53f32fb3f15af I find that SQL server security is highly integrated with the operating system so a separate SQL server 2000 only checklist is almost meaningless. Am I on the right track? The problem is that the client wants to see a "checklist" and consequently so does my boss. So, are there any checklists out there or do I have to carry out some kind of rephrasing exercise on material from the above links? Pranav --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ --------------------------------------------------------------------------- --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- Creating a checklist for SQL Server 2000 Pranav Lal (Feb 22)
- RE: Creating a checklist for SQL Server 2000 Warren Camp (Feb 23)
- <Possible follow-ups>
- Re: Creating a checklist for SQL Server 2000 Justin Ross (Feb 23)