This chapter covers
- Working with permissions
- Service account security
- Using xp_cmdshell
- Auditing privileged activity
- Attacks against encryption
- SQL injection attacks
In this chapter, we will explore some of the common mistakes made when securing SQL Server. We will start with the principle of least privilege, which states that users should have only enough permission to perform their day-to-day duties. This principle is often not adhered to, and we will explore the reasons for this and why it is so important. We will also explore the sa account, which is SQL Server’s built-in administrator account. Many accidental DBAs leave this account enabled, and we will discuss why this is not a good idea and how we can rectify it.
We will then turn our attention to service accounts. We will explore common mistakes that are made when defining our service account strategy. We will also discuss how to use a modern approach to implementing service accounts and how this can make our environment more secure and easier to manage.
We will look at the controversial subject of xp_cmdshell, an extended stored procedure that allows us (and bad actors) to interact with the operating system from inside a SQL Server instance. We will debunk the myths that lead database administrators (DBAs) to expose their enterprise to unnecessary attack.