Wednesday, October 3, 2018

Spotting Unauthorized Configuration Settings in SQL Server

An attacker who targets SQL Server wants to be able to change its configuration settings. In the attacker's ideal world, you will have left everything open for the intruder, but generally, every DBA reduces the attack surface as much as possible.

Why would the attacker want to change these settings? You might think there's limited risk in, for example, enabling 'cross-database ownership chaining' or setting 'Trustworthy' for a small number of databases, but intruders can exploit some of these settings to enable features that gain access to objects in other databases, or even take control of the whole server. They can also use them to ship your data off to a remote server.
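
One way to spot such changes, as an added example that is not from the original article: compare `sys.configurations` against an expected baseline and list user databases with TRUSTWORTHY or database-level ownership chaining switched on. The baseline values are assumptions for illustration; replace them with the settings your own servers are supposed to have.

```sql
-- Added example: report server-level options that differ from a baseline.
-- The baseline below is constructed for illustration (everything expected
-- to be off); adjust it to your own approved configuration.
SELECT  c.name,
        b.expected,
        CAST(c.value        AS int) AS configured_value,  -- set, may await RECONFIGURE
        CAST(c.value_in_use AS int) AS running_value      -- currently in effect
FROM    sys.configurations AS c
JOIN   (VALUES
            (N'cross db ownership chaining', 0),
            (N'xp_cmdshell',                 0),
            (N'Ole Automation Procedures',   0),
            (N'Ad Hoc Distributed Queries',  0),
            (N'clr enabled',                 0)
       ) AS b (name, expected)
        ON b.name = c.name
WHERE   CAST(c.value        AS int) <> b.expected
   OR   CAST(c.value_in_use AS int) <> b.expected
ORDER BY c.name;

-- Report user databases where TRUSTWORTHY or database-level ownership
-- chaining is enabled. System databases (database_id 1-4) are skipped
-- because some of them have these options on by default.
SELECT  d.name,
        d.is_trustworthy_on,
        d.is_db_chaining_on,
        SUSER_SNAME(d.owner_sid) AS owner_login  -- a high-privilege owner raises the risk
FROM    sys.databases AS d
WHERE   d.database_id > 4
  AND  (d.is_trustworthy_on = 1 OR d.is_db_chaining_on = 1)
ORDER BY d.name;
```

A row where `configured_value` and `running_value` disagree means the option was changed but is not yet in effect, which is worth investigating in its own right.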



from DZone.com Feed https://ift.tt/2DQqxgv
