The Bottom Line
The authors of this book are respected experts in the information security field, especially relating to SQL Server. This book provides a wealth of knowledge on how to protect your SQL Server systems.
Pros
- Excellent book from respected experts
- Current through Slammer worm
- Comprehensive but not *too* technical
Cons
Description
- Chapter 1- SQL Server Security: The Basics discusses SQL Server and database security issues
- Chapter 2- Under Siege: How SQL Server is Hacked talks about types of attacks and provides code
- Chapter 3- SQL Server Installation Tips covers some practices for installing SQL Server securely
- Chapter 4- The Network Libraries and Secure Connectivity covers best practices for SSL and more
- Chapter 5- Authentication and Authorization talks about various ways to restrict access
- Chapter 6- SQL Server in the Enterprise discusses Active Directory and server replication
- Chapter 7- Auditing and Intrusion Detection provides information on monitoring access
- Chapter 8- Data Encryption covers methods for encrypting data transmissions in SQL Server
- Chapter 9- SQL Injection: When Firewalls Offer No Protection covers this insidious method of attack
- Chapter 10- Secure Architectures gives a comprehensive overview of planning, testing and deploying
Guide Review - Book Review: SQL Server Security
Microsoft SQL Server is a widely used enterprise database system. It was the target of the Slammer worm attack that crippled the Internet in January of 2003. The authors of SQL Server Security provide a comprehensive look at the weaknesses and vulnerabilities inherent in SQL Server and offer many solutions to help you ensure your data stays secure. The appendices include a reference for mitigating the threat posed by stored procedures, a listing of other technologies that may impact SQL Server, and security checklists for securing and maintaining SQL Server. This book provides a ton of useful information without being too huge or too technical to be read comfortably. If you administer SQL Server systems, you should read this book.