Hotfixing MSDE and MDAC

  • What is the security impact of NOT hotfixing Desktop Engines and MDACs on workstations inside a firewall? Are out of date workstations a risk to my servers?

  • Depending on which service pack you have on these workstations running MSDE, you may have to block TCP port 1433 in your firewall.

  • If you do not patch them against things like Slammer, for instance, they could cause problems. SP3a disables the network libraries and stops it listening on port 1434.

    Steven

  • You should treat MSDE the same as SQL Server as far as fix levels, security setup, etc. is concerned. There are many hacks out there that allow you to subvert one server from another. Using MSDE as a start point will work just as well as SQL Server Enterprise...

    All information provided is a personal opinion that may not match reality.

    Original author: https://github.com/SQL-FineBuild/Common/wiki/ 1-click install and best practice configuration of SQL Server 2019, 2017, 2016, 2014, 2012, 2008 R2, 2008 and 2005.

    When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist - Archbishop Hélder Câmara

  • It really depends on how secure your LAN is behind your firewall. As many organizations have found out, a firewall doesn't protect you from:

    - VPN connections - If users are allowed to VPN into your network, any virus, worm, etc. on their machine now has access to your LAN behind the firewall.

    - Laptops - If users have laptops that are taken off the network and have access to the internet and/or another LAN, once that machine reconnects to your LAN any infection has access to your LAN behind the firewall.

    In general, I would recommend patching every instance of MSDE and keeping workstations and servers current on 'critical patches'. You may want to look at "SQL Server 2000 Security Tools" at http://www.microsoft.com/downloads/details.aspx?FamilyID=9552d43b-04eb-4af9-9e24-6cde4d933600&DisplayLang=en

    The SQL Scan utility is useful for detecting unpatched instances of SQL Server (including MSDE).
