Guest
I'm running Microsoft Baseline Security Analyzer 2.0 in a WinXP SP2 PC. It
reports the following issues:
SQL Server Scan Results
Instance SONY_MEDIAMGR
Administrative Vulnerabilities
1) Registry Permissions: Internal error (43.7). What was scanned:
"SQL Server Registry Key Security
Check Description
This check ensures that the Everyone group is restricted to Read permission
for the following registry keys:
HKLM\Software\Microsoft\Microsoft SQL Server
HKLM\Software\Microsoft\MSSQLServer
If the Everyone group has more than Read
permission to these keys, it will be flagged in the security scan report as a
high-level vulnerability."
2) SQL Server/MSDE Security Mode: SQL Server and/or MSDE authentication mode
is set to SQL Server and/or MSDE and Windows (Mixed Mode). What was scanned:
"SQL Server Authentication Mode
Check Description
This check determines the authentication mode used on the computer running
Microsoft® SQL Server™ that is being scanned.
SQL Server provides two modes for securing access to the server: Windows
Authentication Mode and Mixed Mode.
In Windows Authentication Mode, SQL Server relies solely on the Windows®
authentication of the user. Windows users or groups are then granted access
to the computer running SQL Server. In Mixed Mode, users may be authenticated
by Windows or by SQL Server. Users that are authenticated by SQL Server have
their user name and password pairs maintained within the computer running SQL
Server.
Windows Authentication Mode
This security mode allows SQL Server to rely on Windows to authenticate
users in the same way as other applications. Connections made to the server
using this mode are called trusted connections.
When you use Windows Authentication Mode, the database administrator allows
users to access the computer running SQL Server by granting them the right to
log on to SQL Server. Windows security identifiers (SIDs) are used to track
Windows authenticated users. As Windows SIDs are used, the database
administrator can grant access directly to Windows users or groups.
Mixed Mode
In SQL Server, Mixed Mode relies on Windows to authenticate users when the
client and server are capable of using NTLM or Kerberos logon authentication
protocols. If either party is incapable of using a standard Windows logon,
SQL Server requires a user name and password pair, and compares this pair
against those stored in its system tables. Connections that rely on user name
and password pairs are called non-trusted.
Mixed Mode is supplied for two reasons:
Backward compatibility with older versions of SQL Server
Compatibility when SQL Server is installed on Windows 95 and Windows 98
operating systems
(Trusted connections are not supported on computers running Windows 95 or
Windows 98 when they are acting as the server.)"
I DELETED FROM THE REGISTRY ALL INSTANCES OF "SONY" AND ALSO DISABLED ALL
SQL SERVICES, BUT MBSA STILL REPORTS THE SAME ISSUE. THANKS FOR ANY FIX.
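
An added example, not part of the original post and not MBSA's own code: a manual version of the two checks quoted above, which also reports when a key is absent. The instance name and the two key paths come from the report; the `LoginMode` value location (the SQL Server 2000/MSDE named-instance layout, 1 = Windows, 2 = Mixed) and the function names are assumptions.

```powershell
# Added example. Instance name and key paths are the ones shown in the MBSA report.
$instance = 'SONY_MEDIAMGR'
$roots = 'HKLM:\Software\Microsoft\Microsoft SQL Server',
         'HKLM:\Software\Microsoft\MSSQLServer'
# ReadKey = QueryValues + EnumerateSubKeys + Notify + ReadPermissions
$readKey = [int][System.Security.AccessControl.RegistryRights]::ReadKey

function Test-EveryoneReadOnly {           # hypothetical helper name
    param([string]$Path)
    if (-not (Test-Path -Path $Path)) {
        return New-Object psobject -Property @{ Key = $Path; Result = 'key not found' }
    }
    $rules = (Get-Acl -Path $Path).GetAccessRules($true, $true,
                 [System.Security.Principal.SecurityIdentifier])
    $excess = 0
    foreach ($rule in $rules) {
        # S-1-1-0 is the well-known SID of the Everyone group.
        if ($rule.IdentityReference.Value -eq 'S-1-1-0' -and
            $rule.AccessControlType -eq 'Allow') {
            # Collect every allowed bit that is not part of ReadKey.
            # Generic rights are stored as raw bits and are flagged for manual review.
            $excess = $excess -bor ([int]$rule.RegistryRights -band (-bnot $readKey))
        }
    }
    $result = 'Everyone limited to Read'
    if ($excess -ne 0) { $result = 'Everyone has more than Read: 0x{0:X8}' -f $excess }
    New-Object psobject -Property @{ Key = $Path; Result = $result }
}

function Get-SqlLoginMode {                # hypothetical helper name
    param([string]$Instance)
    # Assumed location for a SQL Server 2000 / MSDE named instance.
    $key = "HKLM:\Software\Microsoft\Microsoft SQL Server\$Instance\MSSQLServer"
    $p = Get-ItemProperty -Path $key -Name LoginMode -ErrorAction SilentlyContinue
    if ($null -eq $p) { return "LoginMode not found under $key" }
    switch ($p.LoginMode) {
        1       { 'Windows Authentication Mode' }
        2       { 'Mixed Mode' }
        default { "Unrecognized LoginMode value $($p.LoginMode)" }
    }
}

$roots | ForEach-Object { Test-EveryoneReadOnly -Path $_ } | Format-List Key, Result
Get-SqlLoginMode -Instance $instance
```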