August 21, 2009 at 4:23 pm
Working on instructions for securing a SQL 2005/2008 server for credit card PCI compliance. Below are the specific requirements from the PCI spec that I am using SQL Server auditing to cover.
The specific items; 10.2.3 and 10.2.6 are the requirements I am solving for. Can I audit these actions?
10.2.2 All actions taken by any individual with root or administrative privileges
10.2.3 Access to all audit trails
10.2.4 Invalid logical access attempts
10.2 5 Use of identification and authentication mechanisms
10.2.6 Initialization of the audit logs
Thanks
August 23, 2009 at 12:13 am
Can you elaborate on the audit logs you are referring to?
August 23, 2009 at 7:25 am
Sure, its the log that gets the entries when someone does a login or logout of SQL Server. You can then view the logs in SQL Server Management Studio by clicking on Management/SQL Server Logs.
August 23, 2009 at 8:21 am
- You can indeed switch your sqlserver instance to "audit login all", that will insert a row for every logon attempt in the sqlserver instance Errorlog file.
Off course you'll have to secure that file at os level and take copies at frequent inverval,...
- to trace what's going on you could use my little article "
SQL Server and SOX" to get started.
http://www.sqlservercentral.com/articles/Security/3203/
- Keep in mind at windows level you can also audit the (windows) logons at os-level.
- you can also capture sqlserver login events yourself ( see "Scope: The drastic caveat with Logon Triggers." !
at http://www.sqlservercentral.com/articles/Administration/64974/ )
Johan
Learn to play, play to learn !
Dont drive faster than your guardian angel can fly ...
but keeping both feet on the ground wont get you anywhere :w00t:
- How to post Performance Problems
- How to post data/code to get the best help[/url]
- How to prevent a sore throat after hours of presenting ppt
press F1 for solution, press shift+F1 for urgent solution
Need a bit of Powershell? How about this
Who am I ? Sometimes this is me but most of the time this is me
August 23, 2009 at 8:36 am
All you need is C2 Administrator’s and User’s Security Guide Revision 1.1
you can donwload this guide from :
Regards,
Sarabpreet Singh
Sarabpreet.com
SQLChamp.com
Twitter: @Sarab_SQLGeek
August 23, 2009 at 8:37 am
You can download the guide from here also.
Regards,
Sarabpreet Singh
Sarabpreet.com
SQLChamp.com
Twitter: @Sarab_SQLGeek
August 23, 2009 at 11:18 am
Thanks guys, this looks like good stuff!
Viewing 7 posts - 1 through 7 (of 7 total)
You must be logged in to reply to this topic. Login to reply
This website stores cookies on your computer.
These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media.
To find out more about the cookies we use, see our Privacy Policy