How to Secure MSSQL and “sa” Hack attempt

Written by Mangesh on September 27, 2008 – 3:02 am -

Check service context

Check patch level

Set mode to Windows Authentication

Assign long, random ‘sa’ account password

Enable authentication auditing

Disable SQLAgent, Microsoft Distributed Transaction Coordinator (MSDTC), and MSSEARCH

Disable adhoc queries on all providers

Remove sample databases

Tighten permissions on master/msdb database objects

Increase log history

Delete temp files used for install/upgrades

How to Protect MSSQL Accounts Or Users

Strong password enforcement: entropy, lifetime, length

Enable auditing (at least failed logins)

Encrypt all sensitive traffic

SSL recommended

Multi-protocol encryption not recommended: no multiple instance support (instances only supported on Named Pipes, TCP/IP, NWLink, and Shared Memory net libs), and RPC encryption API only, which means weaker key management

Keep credentials out of connection strings, and encrypted when possible: DPAPI (http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/html/SecNetHT08.asp)

Helpful MSSQL Tips:

Use Windows Auth when possible

Use principle of least-privilege

Assign MSSQL Server service non-administrator user context

Take the time to properly implement trusted security (Windows Auth Mode)

Don’t place passwords in script/code

Assign complex ‘sa’ password even when using Windows Authentication
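
Several of the checklist items above can be read back from the server with T-SQL. The audit script below is an added example, not part of the original post; it assumes SQL Server 2005 or later (the version used elsewhere on this page) and a login allowed to view server-level metadata, and it changes no settings.

```sql
-- Added example: read-only audit of checklist items (assumes SQL Server 2005+).
SET NOCOUNT ON;

-- "Check patch level"
SELECT SERVERPROPERTY('ProductVersion') AS product_version,
       SERVERPROPERTY('ProductLevel')   AS product_level,
       SERVERPROPERTY('Edition')        AS edition;

-- "Set mode to Windows Authentication": 1 = Windows only, 0 = mixed mode
SELECT CASE SERVERPROPERTY('IsIntegratedSecurityOnly')
         WHEN 1 THEN 'Windows Authentication only'
         ELSE 'Mixed mode: SQL logins such as sa can authenticate'
       END AS auth_mode;

-- "Enable authentication auditing": config_value should be 'failure' or 'all'
EXEC xp_loginconfig 'audit level';

-- "Strong password enforcement": SQL logins that skip the Windows password
-- policy or expiration. sid 0x01 is the built-in sa login even if renamed,
-- so it is always listed together with its password age.
SELECT name, is_disabled, is_policy_checked, is_expiration_checked,
       DATEDIFF(day,
                CAST(LOGINPROPERTY(name, 'PasswordLastSetTime') AS datetime),
                GETDATE()) AS password_age_days
FROM sys.sql_logins
WHERE is_policy_checked = 0 OR is_expiration_checked = 0 OR sid = 0x01;

-- "Disable adhoc queries": server-wide OPENROWSET/OPENDATASOURCE switch.
-- value_in_use should be 0; per-provider settings are not covered here.
SELECT name, value_in_use
FROM sys.configurations
WHERE name = 'Ad Hoc Distributed Queries';

-- "Remove sample databases"
SELECT name AS sample_database
FROM sys.databases
WHERE name IN ('pubs', 'Northwind') OR name LIKE 'AdventureWorks%';

-- "Tighten permissions on master/msdb database objects": extended stored
-- procedures in master on which the public role (principal_id 0) holds
-- a permission
SELECT o.name AS extended_proc, p.permission_name, p.state_desc
FROM master.sys.database_permissions AS p
JOIN master.sys.all_objects AS o ON o.object_id = p.major_id
WHERE p.class = 1 AND p.grantee_principal_id = 0 AND o.type = 'X'
ORDER BY o.name;
```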



How to restore database backup of MSSQL

Written by Mangesh on September 20, 2008 – 3:10 am -

1. Open MSSQL Server Management Studio. (Start >>> programs >>> Microsoft SQL server 2005 >>>
SQL server Management studio Express)

2. Connect to MS SQL Server database
(Connect to server window)
Server name: 192.168.XX.XX\SQLEXPRESS
Authentication: SQL server Authentication OR Windows Authentication
Login: sa
Password: xxxxxx

Then press connect

3. After logging in to SQL Server:

1. Expand the Databases
2. Select the database test_db
3. Right click on database
4. Select Tasks >>> then select restore
5. Open restore database window
6. Under the source for restore >>> select from device
7. Then select square box in front of from device
8. Specify backup window open
9. Select add button
10. C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Backup\test_db.bak ( Backup location path ) >>> press ok
11. Select the check box (Restore) under the select the backup sets to restore
12. After this select the “Option” Icon >>> under the restore options >>> select Overwrite the
existing database >>> press ok
13. A message window reports that the database was restored successfully >>> press ok

Done.



Performance Tips for Your Windows VPS

Written by Swapnil on September 18, 2008 – 8:14 am -

Here are the top 10 tips and tricks to help optimize your Windows VPS server running on Virtuozzo.

1. Disable Indexing Service.
Unless you’re using the FrontPage search bot you generally don’t need indexing service running and you should disable it.

2. Defrag your drives.
Disk I/O is king, especially in a VPS and you should be regularly defragging your drives in your VPS just as you would in a physical server.

3. Don’t run antivirus in the VPS.
Antivirus should always be run from the host node and on our servers it is. We use either AVG or McAfee on our hardware nodes. This doesn’t mean you have to accept virus infected emails. Configure your mail client to allow a suitable delay in email delivery (I recommend 60 seconds if you can, otherwise 30 should be sufficient) and the hostnode antivirus will take care of the rest.

Smartermail installs clamd these days and we recommend you disable it and not use it. It’s proven to be quite the resource hog.

4. Don’t run spamassassin.
Disable spamassassin checks in your VPS Hosting when running Smartermail. If you absolutely have to have spamassassin running with your VPS Hosting, you should run spamassassin on a Linux dedicated server or VPS Hosting and remotely connect to it in Smartermail. This works great and allows you to make use of threading.

5. Enable Windows Firewall and secure your VPS Hosting.
This is a must. Although the kernel is protected in your VPS Hosting, you’re still responsible for security in your virtual private server. Enable Windows Firewall and configure it.

While on the topic of security, you do not have to install OS updates; these are managed at the host level. However, you do need to remain aware of new updates and install them for any other server software you may have installed on your Windows VPS Hosting server, such as SQLexpress updates, Smartermail updates, etc. If you’re using Plesk you can request support to update Plesk for you, as it’s installed through an application template. Verify that things like open-relay mail servers are not enabled, anonymous FTP uploads are disabled, etc.

6. Whenever possible use an application template.
Application templates save memory and diskspace on your VPS Hosting. An example of this is the OS install on your VPS Hosting. With just Windows your VPS Hosting uses about 150MB of diskspace, yet a full install of the OS uses about 4GB of diskspace. In fact an install of Windows Server 2003 on almost every other virtualization platform will use 4GB of diskspace. This is a huge savings.

7. Close your Terminal Services sessions and logout, do not just disconnect.
Each active Terminal Services session uses about 20MB of memory. When you consider each VPS Hosting has generally 2 TS sessions (3 if you include the fact you’re able to TS into the console by using the command mstsc /console /v:YOUR_SERVERNAME ) and figure about 30 active VPS Hostings on a machine that adds up to close to 2GB of memory that would be wasted memory on a server.

8. Some applications when installing may require you to connect to console port.
One such application is Windows Sharepoint Services 3.0. To connect to the console port use the command from dos: mstsc /console /v:YOUR_SERVERNAME where YOUR_SERVERNAME is your VPS Hosting host name.

9. Don’t forget that you can manage your VPS Hosting through the Virtuozzo Power Panels.
This includes tasks such as stop, start, reboot, backup, restore and even mount the filesystem without turning on the VPS Hosting. To access the management port go to: https://YOUR_SERVERNAME:4643/ where YOUR_SERVERNAME is your VPS Hosting host name. Remember when connecting to a port you have to explicitly type http://YOUR_SERVERNAME:PORT/ and not just type YOUR_SERVERNAME:PORT.

There is a bug in the Virtuozzo Power Panels that may cause them to throw errors telling you to contact your web hosting provider. If you get these errors, the first thing you should do is go to preferences and set the timezone to your local time zone rather than leaving it at the server default. This generally fixes the error, and a bugfix for this known issue is due out shortly from SWsoft.


10. Configure your SQL Server services or better yet use shared SQL.

These days any web application is going to require a SQL Server database be it MSSQL or MySQL. Our recommendation is use a shared SQL Server database on a shared database server. Today SQL Server hosting is pretty cheap and networks like ours use a dedicated gigabit network for internal traffic so any latency connecting to the SQL Server would be offset quickly by the amount of memory and Disk I/O you’d save by not running SQL Server on your VPS Hosting. If you must run SQL Server on your VPS Hosting though then make sure you set a memory cap on the SQL Server service or you’ll find before long it’s using all your memory on your VPS Hosting and your applications will be starving for memory.

VPS Hostings have two types of resources they need to manage the most: memory and disk I/O. Everything you can do to minimize or optimize your usage of these two resources will improve your VPS Hosting performance. We would love to hear from anyone else that has any recommendations on how to improve the performance/security of a VPS Hosting/VE running on Virtuozzo for Windows.

Thanks to David Marshall.



MSSQL

Written by Mangesh on September 18, 2008 – 7:23 am -

How to backup the databases

Backup of MS SQL Server 2005 databases

These are the backup steps:

1. Open MSSQL Server Management Studio. (Start >>> programs >>> Microsoft SQL server 2005 >>>
SQL server Management studio Express)

2. Connect to MS SQL Server database:
(Connect to server window)
Server name: 192.168.XX.XX\SQLEXPRESS
Authentication: SQL server Authentication OR Windows Authentication
Login: sa
Password: xxxxxx

Then press connect

3. After logging in to SQL Server:

1. Expand the Databases
2. Select the database test_db
3. Right click on database
4. Select Tasks >>> select backup
5. Then the backup database window opens
6. Under Backup type select Full
7. Under the destination
8. C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Backup\test_db.bak
9. Enter the path and file name for the backup file
( add this default path and backup should be in .bak format )
10. Press OK
11. A window reports that the backup completed successfully
12. Press ok
Done.
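
The backup steps above and the restore steps in the earlier post can also be scripted. The T-SQL below is an added example, not part of the original posts; it uses the test_db name and the MSSQL.2 backup path shown in the steps above (the restore post shows an MSSQL.1 path, so adjust to your instance), and the CHECKSUM and verification statements are additions that go beyond the GUI steps.

```sql
-- Added example: scripted form of the backup and restore steps.
-- Database name and path are taken from the backup steps on this page.
USE master;

DECLARE @bak nvarchar(260);
SET @bak = N'C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Backup\test_db.bak';

-- Full backup. INIT overwrites any earlier backup sets in this file so the
-- restore below cannot pick up an older set; CHECKSUM verifies page
-- checksums while reading and stores a checksum over the backup stream.
BACKUP DATABASE test_db TO DISK = @bak WITH INIT, CHECKSUM;

-- Inspect the file before trusting it: which database, server and time the
-- backup set came from, then a full read that re-checks the checksums.
RESTORE HEADERONLY FROM DISK = @bak;
RESTORE VERIFYONLY FROM DISK = @bak WITH CHECKSUM;

-- Restore over the existing database. REPLACE corresponds to the
-- "Overwrite the existing database" option; existing connections are
-- rolled back first so the restore can take exclusive access.
ALTER DATABASE test_db SET SINGLE_USER WITH ROLLBACK IMMEDIATE;
RESTORE DATABASE test_db FROM DISK = @bak WITH REPLACE, CHECKSUM;
ALTER DATABASE test_db SET MULTI_USER;
```

BACKUP DATABASE needs only db_backupoperator membership in the database, and restoring over an existing database needs dbcreator or database ownership, so neither step requires connecting as sa.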

