Securing SQL Server 7.0 Servers Resource Guide

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

If possible, upgrade to SQL Server 2000. If this is not possible, follow these steps to improve the security of the system.

  1. Install the latest SQL Server 7.0 service pack.

  2. Use the HotFix & Security Bulletin Service to find updates released since the latest service pack. Search for updates by specifying the current service pack level.

  3. Subscribe to the Microsoft Security Notification Service to receive notifications of future security updates.

  4. Use the Baseline Security Analyzer to scan and evaluate the security of your SQL Server.

  5. If possible, use Windows Authentication Mode instead of Mixed Mode authentication.

  6. Minimize the number of users with Administrator or sa privileges.

  7. Ensure the sa account has a complex password.

  8. Use the KillPwd utility to ensure setup files do not contain private information.

  9. Restrict SELECT, INSERT, UPDATE, and DELETE permissions so that users and groups have the minimum access necessary to private tables and views.

  10. Create views to enforce row and column level security instead of applying those permissions directly to the underlying tables.

  11. Restrict all registry keys under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server 7.0\ by using permissions so that only the local Administrators group, the domain user account(s) that the SQL Server services are running under, and the local SYSTEM account have Full Control to these keys.
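
The following Transact-SQL illustrates steps 9 and 10 together. It is an added example, not part of the original guide. The table, view, column, and role names (dbo.Orders, dbo.MyOrders, SalesReps) are hypothetical, and it assumes that dbo owns both the table and the view, so access through the view does not require any permission on the table.

```sql
-- Constructed example: all object and role names are hypothetical.
-- GO is the batch separator used by Query Analyzer and osql.

CREATE TABLE dbo.Orders (
    OrderID    int          NOT NULL PRIMARY KEY,
    SalesLogin sysname      NOT NULL,  -- login of the sales rep who owns the row
    Customer   varchar(100) NOT NULL,
    Amount     money        NOT NULL,
    CardNumber varchar(20)  NULL       -- private column, never exposed by the view
)
GO

-- Column-level security: CardNumber is left out of the select list.
-- Row-level security: each caller sees only rows carrying their own login.
-- WITH CHECK OPTION rejects inserts and updates through the view that would
-- create a row the caller could not see (for example, another rep's login).
CREATE VIEW dbo.MyOrders
AS
SELECT OrderID, SalesLogin, Customer, Amount
FROM dbo.Orders
WHERE SalesLogin = SUSER_SNAME()
WITH CHECK OPTION
GO

EXEC sp_addrole 'SalesReps'
GO

-- Step 9: no direct access to the private table.
REVOKE ALL ON dbo.Orders FROM public
DENY SELECT, INSERT, UPDATE, DELETE ON dbo.Orders TO SalesReps

-- Step 10: grant only what the role needs, and only on the view.
GRANT SELECT, INSERT, UPDATE ON dbo.MyOrders TO SalesReps
GO

-- Review the resulting permissions on both objects.
EXEC sp_helprotect 'Orders'
EXEC sp_helprotect 'MyOrders'
GO
```

Members of SalesReps can then query dbo.MyOrders, while a direct SELECT against dbo.Orders fails with a permission error.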

Ongoing Security Maintenance

Without ongoing maintenance, your system can become vulnerable to new forms of attack. In addition, the security of your system will degrade over time through human error by the administrators who manage it. Follow these recommended steps on a regular basis:

  1. Use the Baseline Security Analyzer regularly to scan and evaluate the security of SQL Server.

  2. Subscribe to the Microsoft Security Notification Service. This is a free email notification service that Microsoft uses to send information to subscribers about the security of Microsoft products.

  3. Apply new security fixes as they become available. Microsoft has created the Qchain tool to chain hotfixes together so that only one reboot is required when installing several fixes.

Additional Security Resources

You can find additional information about keeping your SQL Server 7.0 servers secure in the following sources: