SQL Server Security Distilled and over one million other books are available for Amazon Kindle. Learn more

Vous voulez voir cette page en français ? Cliquez ici.

Have one to sell? Sell yours here
Start reading SQL Server Security Distilled on your Kindle in under a minute.

Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.

SQL Server Security DBA Handbook [Paperback]

Morris Lewis , Culringstone Author Team
4.7 out of 5 stars  See all reviews (6 customer reviews)

Available from these sellers.


Amazon Price New from Used from
Kindle Edition CDN $33.76  
Paperback CDN $35.54  
Paperback, November 2002 --  
There is a newer edition of this item:
SQL Server Security Distilled SQL Server Security Distilled 4.7 out of 5 stars (6)
CDN$ 35.54
Usually ships in 4 to 6 weeks

Book Description

November 2002
Securing SQL Server is one of the most important responsibilities of the SQL Server professional. Ensuring your data is safe requires a combination of good systems and database administration, and intelligent application design – weaving a security plan that matches the capabilities and vulnerabilities of each contributing part.

But at its root, security is concerned with controlling access – authenticating who can access the data on the server, authorizing what users can do with that data, and securing data as it is transported. These core topics are the focus of this book.

SQL Server Security Distilled shows you:

What you can do to secure date in SQL Server
How SQL Server handles authentication and authorization in different versions
How SQL Server security integrates with Windows security
The security pros and cons of different transport protocols
Ways to tailor SQL Server security to different applications, including client-server and Web applications
How to secure DTS packages
The implications of different types of replication for security
The security features of SQL Server CE and its server-side agents

Curlingstone is a new imprint providing practical information on all aspects of the technology, techniques, and job roles that form the database community.

Product Details

Product Description

From the Publisher

Curlingstone is a new imprint providing practical information on all aspects of the technology, techniques, and job roles that form the database community.

About the Author

Morris Lewis has been smitten with Structured Query Language since the first time his professor wrote SELECT * FROM AUTHORS on the chalkboard 14 years ago. He has worked with no other database server since he first installed SQL Server 4.21a on his 16MHZ, Intel 386 computer with all of the 32 megabytes of RAM running Windows NT 3.51 more than 8 years ago…

With the mantra "It is ok to worry if they really are out to get you," he has focused on all aspects of securing Windows and SQL Server since he connected his first server to the Internet, six years ago. Now, he runs a training and consulting company, Holistech Incorporated, that focuses on helping clients create better and more secure database applications, and on teaching them how to avoid the mistakes that can lead to problems in the future.

--This text refers to an alternate Paperback edition.

Inside This Book (Learn More)
Browse and search another edition of this book.
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Index | Back Cover
Search inside this book:

Customer Reviews

3 star
2 star
1 star
4.7 out of 5 stars
4.7 out of 5 stars
Most helpful customer reviews
5.0 out of 5 stars A Note from the Author April 15 2003
I spent just under 2 years doing the research for this book. In terms of breadth of coverage, there is no better book on the market. Rather than searching Microsoft's mammoth site for articles and white papers, everything you need to understand SQL Server security from version 6.5 to 2000 is in one book.
This book also goes deeper than the basic introduction to the various security mechanisms. Many books will tell you what SQL Server offers, but very few provide detailed information on *how* and *why* it works the way it does. Each chapter provides insights into the inner workings of SQL Server's security architecture and provides practical advice on how to use that information to keep your systems safe.
There are some other books that focus on showing you "hackers' tricks" for attacking your database servers, but this book takes the premise that if you do things the right way from the beginning, no hacker is ever going to find a trick that works on your systems. As an example, this book recommended configuring firewalls to block the traffic used by the Spammer virus long before the virus became news. Those who read this book and followed its advice slept soundly the weekend that Spammer was taking the Internet down.
Since the future of Curlingstone is in doubt, support for the book has moved to [...] and the author is not only committed to maintaining the current work but also planning to release an interim update in electronic format in the fall covering changes in SQL Server 2000 Service Pack 3 and any new discoveries found since December, 2002. The author also plans to release additional chapters on Yukon early next year for early adopters. This book is alive and will be updated periodically to keep its readers safe from the bad guys.
Was this review helpful to you?
5.0 out of 5 stars Excellent Security Reference Jan. 6 2003
I've been working with SQL Server for 11 years and run SQL Server Central.
And I learned a bunch from this book. This is one of the best references on SQL Server Security that I have seen written and I recommend it highly to every SQL Server DBA.
The book is written to cover versions 6.5, 7.0, and 2000. And it does a great job with each. It starts by looking at the way that logins are authenticated by the server. Great detail is given, even to the point of examining network sniffer traces to show how the communication occurs between the client and server.
From there, the database security is examined with separate chapters for v6.5 and 7/2000 since they work differently. Not only is the process explained, but the author notes where there are bugs and unforseen consequences of assigning security in certain ways.
The early chapters provide insight into how security works in SQL Server. The later chapters build on this to give hints and suggestions for implementing security in your applications, DTS, replication, and even SQL Server CE.
Overall, this is a must read for SQL Server DBAs. Developers will benefit as well since a thorough understanding can solve a great many problems and prevent even more.
Was this review helpful to you?
A good definition for exactly what this book does. It breaks down every segment of the SQL Server security infrastructure in intricate detail so security professionals and DBAs alike can make the right decisions. The books is a good fit for anyone who must support multiple SQL Server versions (including SQL 6.5/7/2000 and CE) in almost every conceivable scenario including replicated deployments.
Noticably absent were any discussions of the security implications of MSDE or a detailed guide to setting up SSL on SQL Server. That said, the information in this book is absolutely vital to anyone who needs to get up to date on SQL Server security and doesn't have time to sort through Books Online, White Papers, and assorted websites on the subject.
Was this review helpful to you?

Look for similar items by category