SQL7 sa account

Post by Mahmood Ul-Ha » Tue, 23 Nov 1999 04:00:00



Hi

I am new to MSQL7. Can anyone help in explaining the security risks of
setting the 'sa' account to the default credentials, i.e. no password? There
is a reason why we have had to do this, but we have been told the system is
insecure with this configuration. The explanation given was that since 'sa'
is the default administrator account, any person who uses SQL would be aware
of this. If a person is able to obtain the IP address of the server then they
can interrogate the database using a standard query tool.

Is there any way of making the system secure without having to change the
default details of the 'sa' account?

Many Thanks

Mahmood


SQL7 sa account

Post by Ron Talmag » Tue, 23 Nov 1999 04:00:00


Mahmood,

If you leave the sa password blank, or make it easily discovered (like
'123'), then anyone on the network who can see the server will be able to
connect and destroy your SQL Server.

To isolate the server, perhaps you could put it on its own network and not
trust that network with any other domain. Then only put those people you
trust on that network.

Ron
--
Ron Talmage
SQL Server MVP, MCP, MCSD


> Hi

> I am new to MSQL7. Can anyone help in explaining the security risks of
> setting the 'sa' account to the default credentials, i.e. no password? There
> is a reason why we have had to do this, but we have been told the system is
> insecure with this configuration. The explanation given was that since 'sa'
> is the default administrator account, any person who uses SQL would be aware
> of this. If a person is able to obtain the IP address of the server then they
> can interrogate the database using a standard query tool.

> Is there any way of making the system secure without having to change the
> default details of the 'sa' account?

> Many Thanks

> Mahmood



SQL7 sa account

Post by Roy Harve » Wed, 24 Nov 1999 04:00:00


Mahmood,

> I am new to MSQL7. Can anyone help in explaining the security risks of
> setting the 'sa' account to the default credentials, i.e. no password? There
> is a reason why we have had to do this, but we have been told the system is
> insecure with this configuration.

It is totally insecure.  Not only can anyone trash the SQL Server
installation, but since the MSSQLServer service generally runs under
an account with admin rights anyone can trash anything else on the
server by using xp_cmdshell.  And if the account is a domain admin....

> The explanation given was that since 'sa' is the default administrator
> account, any person who uses SQL would be aware of this.

Yes, anyone who knows anything will know the sa account.  For that
matter most tools default to the sa account with an empty password, so
even people who know nothing at all will be able to get in.

> If a person is able to obtain the IP address of the server then they can
> interrogate the database using a standard query tool.

And trash it too.

> Is there any way of making the system secure without having to change the
> default details of the 'sa' account?

No.

Going back to your statement that "There is a reason why we have had
to do this", whatever the reason might be it is not good enough.  What
is this supposed reason, anyway?

Roy
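A defender's check for the condition Roy describes, added here as an example rather than code from any of the posts. It assumes the SQL Server 7.0 / 2000 system catalog, where master..sysxlogins stores a NULL password for a standard-security login that has no password, and the sp_password procedure; the new password is a placeholder.

```sql
-- Added example (not from the thread): audit standard-security logins for
-- blank passwords and give sa a real one. Assumes the SQL Server 7.0 / 2000
-- catalog (master..sysxlogins, NULL password = blank). Run as a sysadmin.

-- 1. List every standard (non-NT) login whose password is blank. If sa shows
--    up here, the server is in the configuration the thread warns about:
--    anyone who can reach the listener can log in as a sysadmin.
SELECT name, createdate
FROM master..sysxlogins
WHERE isntname = 0          -- standard-security logins only, not NT accounts
  AND password IS NULL      -- blank password
ORDER BY name;

-- 2. Set a password on sa. sp_password arguments: old password (NULL when it
--    is blank), new password, login name. Replace the placeholder value.
EXEC sp_password NULL, '<strong-password-placeholder>', 'sa';

-- 3. Re-run the audit for sa alone; no row should come back now.
SELECT name
FROM master..sysxlogins
WHERE name = 'sa' AND password IS NULL;
```

The first query also catches the other blank-password logins that most client tools would try by default, so it is worth running for every login, not just sa.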


SQL7 sa account

Post by Kenneth Shaple » Sun, 28 Nov 1999 04:00:00


Dear Mahmood,

I would strongly suggest posting the question in the SQL newsgroup, together
with the reason why you must have an sa login and no password. Based on that, a
very nice person would be happy to give you an alternative solution
other than saying you must have an sa login and no password. There is
usually more than one way to skin a cat in this business.

Yours Truly,

Kenneth Shapley, MCSD, DBA/Developer.


> Hi

> I am new to MSQL7. Can anyone help in explaining the security risks of
> setting the 'sa' account to the default credentials, i.e. no password? There
> is a reason why we have had to do this, but we have been told the system is
> insecure with this configuration. The explanation given was that since 'sa'
> is the default administrator account, any person who uses SQL would be aware
> of this. If a person is able to obtain the IP address of the server then they
> can interrogate the database using a standard query tool.

> Is there any way of making the system secure without having to change the
> default details of the 'sa' account?

> Many Thanks

> Mahmood