How to Secure MSSQL Against “sa” Hack Attempts
Written by Mangesh on September 27, 2008 – 3:02 am
Check the service context: run the SQL Server service under a dedicated, non-administrator account, never LocalSystem or a local administrator.
Check the patch level and apply the current service pack and hotfixes.
Set the authentication mode to Windows Authentication (trusted security) rather than Mixed Mode.
Assign a long, random password to the ‘sa’ account; the account still exists in Windows Authentication mode and is the first login an attacker tries.
Enable authentication auditing, at least for failed logins.
Disable SQLAgent, Microsoft Distributed Transaction Coordinator (MSDTC) and MSSEARCH where they are not required; each is running code and attack surface that the database itself does not need.
Disable ad hoc queries (OPENROWSET/OPENDATASOURCE) on all OLE DB providers, so a compromised login cannot pivot to other data sources through the server.
Remove the sample databases (pubs, Northwind); their contents and users are public knowledge.
Tighten permissions on master and msdb database objects, in particular what the public role may execute.
Increase the error log history so that evidence of an attack is not rotated away (the default keeps only six logs).
Delete the temporary files left behind by install/upgrades (setup.iss, sqlstp.log); they can contain the credentials typed during setup.
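The checklist above as one script, added here as an example and not code from the original post: it applies each item to a SQL Server 2005/2008 instance from PowerShell over System.Data.SqlClient, run elevated as a sysadmin with Windows authentication. Everything instance-specific is a hypothetical assumption: the default instance on the local host, the default service names, the registry location of the per-provider DisallowAdHocAccess value, and an ‘sa’ password generated outside the script and passed in as a SecureString rather than stored in the file.

```powershell
# Added example, not code from the original post: applies the checklist above to a
# SQL Server 2005/2008 instance. Run elevated, as a sysadmin, over Windows auth.
# Hypothetical assumptions: default instance on the local host, default service
# names, and an 'sa' password generated elsewhere and passed in as a SecureString.
param(
    [string]$Instance = 'localhost',
    [string]$ServiceName = 'MSSQLSERVER',
    [Parameter(Mandatory = $true)][Security.SecureString]$SaPassword
)
Add-Type -AssemblyName System.Data

# Runs T-SQL over SqlClient and returns any result set as a DataTable.
function Invoke-Tsql([string]$Query) {
    $conn = New-Object System.Data.SqlClient.SqlConnection "Server=$Instance;Database=master;Integrated Security=SSPI"
    $conn.Open()
    try {
        $cmd = $conn.CreateCommand(); $cmd.CommandText = $Query
        $table = New-Object System.Data.DataTable
        $adapter = New-Object System.Data.SqlClient.SqlDataAdapter $cmd
        [void]$adapter.Fill($table)
        return ,$table
    } finally { $conn.Close() }
}

# xp_instance_regwrite maps Software\Microsoft\MSSQLServer to this instance's hive.
$HiveKey = 'Software\Microsoft\MSSQLServer\MSSQLServer'
function Set-InstanceDword([string]$Key, [string]$Name, [int]$Value) {
    Invoke-Tsql "EXEC master..xp_instance_regwrite N'HKEY_LOCAL_MACHINE', N'$Key', N'$Name', REG_DWORD, $Value"
}

# 1. Patch level: compare against the latest service pack / cumulative update.
Invoke-Tsql "SELECT SERVERPROPERTY('ProductVersion') AS Version, SERVERPROPERTY('ProductLevel') AS Level, SERVERPROPERTY('Edition') AS Edition" | Format-Table -AutoSize

# 2. Service context: the engine must not run as LocalSystem or an administrator.
$svc = Get-WmiObject Win32_Service -Filter "Name='$ServiceName'"
if ($svc.StartName -match 'LocalSystem|Administrator') {
    Write-Warning "SQL Server runs as $($svc.StartName); move it to a dedicated low-privilege account."
}

# 3. Windows Authentication only (LoginMode 1 = Windows, 2 = Mixed); applied at restart.
Set-InstanceDword $HiveKey 'LoginMode' 1

# 4. Long random 'sa' password, set even in Windows-only mode. ALTER LOGIN cannot be
#    parameterised, so the value is escaped for a T-SQL literal and then discarded.
$bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($SaPassword)
try { $plain = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr) }
finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }
Invoke-Tsql ("ALTER LOGIN sa WITH PASSWORD = N'{0}', CHECK_POLICY = ON" -f $plain.Replace("'", "''"))
Remove-Variable plain

# 5. Audit logins (AuditLevel 2 = failed only, 3 = failed and successful).
Set-InstanceDword $HiveKey 'AuditLevel' 3

# 6. Helper services that are not needed: SQL Agent (only when no jobs are required),
#    MSDTC, and full-text search (MSSEARCH on 2000, msftesql on 2005, MSSQLFDLauncher on 2008).
foreach ($name in 'SQLSERVERAGENT', 'MSDTC', 'MSSEARCH', 'msftesql', 'MSSQLFDLauncher') {
    if (Get-Service -Name $name -ErrorAction SilentlyContinue) {
        Stop-Service -Name $name -Force
        Set-Service -Name $name -StartupType Disabled
    }
}

# 7. Ad hoc queries: off server-wide (OPENROWSET/OPENDATASOURCE) and per OLE DB provider
#    (per-provider registry value assumed from the instance hive layout).
Invoke-Tsql "EXEC sp_configure 'show advanced options', 1; RECONFIGURE; EXEC sp_configure 'Ad Hoc Distributed Queries', 0; RECONFIGURE;"
foreach ($provider in 'SQLNCLI10', 'SQLNCLI', 'SQLOLEDB', 'MSDASQL', 'Microsoft.Jet.OLEDB.4.0') {
    Set-InstanceDword "Software\Microsoft\MSSQLServer\Providers\$provider" 'DisallowAdHocAccess' 1
}

# 8. Sample databases have well-known contents and users; drop them.
Invoke-Tsql "IF DB_ID('pubs') IS NOT NULL DROP DATABASE pubs; IF DB_ID('Northwind') IS NOT NULL DROP DATABASE Northwind; IF DB_ID('AdventureWorks') IS NOT NULL DROP DATABASE AdventureWorks;"

# 9. master/msdb: report extended procedures that 'public' may execute, so each grant is
#    revoked deliberately (a blanket REVOKE breaks tools that rely on documented procs).
foreach ($db in 'master', 'msdb') {
    Invoke-Tsql "USE [$db]; SELECT '$db' AS db, OBJECT_NAME(major_id) AS obj FROM sys.database_permissions WHERE grantee_principal_id = DATABASE_PRINCIPAL_ID('public') AND permission_name = 'EXECUTE' AND state IN ('G','W') AND OBJECT_NAME(major_id) LIKE 'xp[_]%'" | Format-Table -AutoSize
}

# 10. Keep more than the default six error logs so evidence is not rotated away.
Set-InstanceDword $HiveKey 'NumErrorLogs' 30

# 11. Setup leftovers (setup.iss, sqlstp.log, sqlsp.log) can hold the credentials typed
#     during install; remove them from the default locations.
Get-ChildItem "$env:ProgramFiles\Microsoft SQL Server", $env:WINDIR -Recurse -Include setup.iss, sqlstp.log, sqlsp.log -ErrorAction SilentlyContinue |
    ForEach-Object { Write-Host "Removing $($_.FullName)"; Remove-Item $_.FullName -Force }

Write-Host 'Restart the SQL Server service for the LoginMode and AuditLevel changes to take effect.'
```

Usage: `.\Harden-MsSql.ps1 -SaPassword (Read-Host -AsSecureString 'New sa password')`. The service restart is deliberately left to the operator, and step 9 only reports rather than revokes, because what public needs in master differs between applications and a wrong REVOKE is a self-inflicted outage.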
How to Protect MSSQL Accounts and Users
Enforce strong passwords: entropy, lifetime and length.
Enable auditing (at least failed logins).
Encrypt all sensitive traffic. SSL is recommended. Multi-protocol encryption is not recommended, because:
it does not support multiple instances (instances are only supported on the Named Pipes, TCP/IP, NWLink and Shared Memory net-libraries);
it relies on the RPC encryption API only, whose key management is weaker.
Keep credentials out of connection strings, and encrypt them when they must be stored, for example with DPAPI (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT08.asp).
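The DPAPI approach above, as an added example that is not part of the original post: the linked MSDN how-to does this from .NET; the same System.Security.Cryptography.ProtectedData API is used here from PowerShell for the case where a SQL login cannot be avoided (Windows Authentication, as the post says, is the first choice). The password is stored only as a DPAPI blob and the connection string is assembled in memory at startup. The path C:\App\db.secret, the server db01, the login appuser and the entropy string are hypothetical.

```powershell
# Added example, not from the original post: keeping the SQL password out of the
# connection string with DPAPI. Hypothetical assumptions: the application runs under
# the same account that protected the secret, and the blob lives in C:\App\db.secret.
Add-Type -AssemblyName System.Security
Add-Type -AssemblyName System.Data

$SecretPath = 'C:\App\db.secret'
# Optional entropy: code running as the same user on the same host can still call
# Unprotect, so this only hinders reuse of a copied blob by other DPAPI callers.
$Entropy = [Text.Encoding]::UTF8.GetBytes('example-app-v1')

# The weak form the post warns against: credentials inline in config or code.
$WeakConnectionString = 'Server=db01;Database=app;User ID=appuser;Password=Summer2008!'

# Run once, as the service account, to store the password.
function Protect-DbPassword {
    param([Security.SecureString]$Password, [string]$Path = $SecretPath)
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($Password)
    try { $bytes = [Text.Encoding]::UTF8.GetBytes([Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)) }
    finally { [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr) }
    # CurrentUser scope: only the protecting account can unprotect. Use LocalMachine
    # scope (with a tight file ACL) when several local accounts must read the secret.
    $scope = [Security.Cryptography.DataProtectionScope]::CurrentUser
    $blob = [Security.Cryptography.ProtectedData]::Protect($bytes, $Entropy, $scope)
    [Array]::Clear($bytes, 0, $bytes.Length)
    [IO.File]::WriteAllBytes($Path, $blob)
    # DPAPI gives confidentiality; the ACL limits who can even attempt Unprotect.
    $acl = Get-Acl $Path
    $acl.SetAccessRuleProtection($true, $false)
    $me = [Security.Principal.WindowsIdentity]::GetCurrent().Name
    $acl.AddAccessRule((New-Object Security.AccessControl.FileSystemAccessRule($me, 'FullControl', 'Allow')))
    Set-Acl $Path $acl
}

# Called by the application at startup; the plaintext password exists only in memory.
function Get-DbConnectionString {
    param([string]$Path = $SecretPath)
    $blob = [IO.File]::ReadAllBytes($Path)
    $scope = [Security.Cryptography.DataProtectionScope]::CurrentUser
    $bytes = [Security.Cryptography.ProtectedData]::Unprotect($blob, $Entropy, $scope)
    $b = New-Object System.Data.SqlClient.SqlConnectionStringBuilder
    $b.DataSource = 'db01'
    $b.InitialCatalog = 'app'
    $b.UserID = 'appuser'
    $b.Password = [Text.Encoding]::UTF8.GetString($bytes)
    $b.Encrypt = $true          # SSL on the wire, as the post recommends
    [Array]::Clear($bytes, 0, $bytes.Length)
    return $b.ConnectionString
}

# Usage:
#   Protect-DbPassword (Read-Host -AsSecureString 'SQL password for appuser')
#   $conn = New-Object System.Data.SqlClient.SqlConnection (Get-DbConnectionString)
```

The builder is used instead of string concatenation so that a password containing `;` or `'` cannot alter the connection string, and `Encrypt` is set on the client side so that the hardened server is not undone by a client that negotiates a clear-text session.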
MSSQL helpful tips:
Use Windows Authentication when possible.
Apply the principle of least privilege.
Run the MSSQL Server service under a non-administrator user context.
Take the time to implement trusted security (Windows Authentication Mode) properly.
Don’t place passwords in scripts or code.
Assign a complex ‘sa’ password even when using Windows Authentication.