180 likes | 291 Views
Reading. SQL Server 2000 Security Tools. Training target: Read the following reading materials and use the reading skills mentioned in the passages above. You may also choose some parts of this passage to practice. Text.
E N D
Reading SQL Server 2000 Security Tools
Training target: Read the following reading materials and use the reading skills mentioned in the passages above. You may also choose some parts of this passage to practice.
Text SQL Server 2000 security tools are used to scan instances of Microsoft SQL Server 2000 and Microsoft SQL Server Desktop Engine(MSDE)2000.The tools help detect instances vulnerable to the Slammer worm,and then apply update to the affected files. There are three tools,namely SQL Server 2000 Scan,SQL Check,and SQL Critical Update.
1.SQL Critical Update SQL Critical Update scans the computer on which it is running for instances of SQL Server 2000 and MSDE 2000 that are vulnerable to the Slammer worm,and updates the affected files. SQL Critical Update runs on Windows 98,Windows ME,Windows NT 4.0,Windows 2000 and Windows XP,supported in a clustered environment.
Instances of SQL Server 2000 with Service Pack2(SP2)and security patch MS02ˉ039,MS02ˉ043,MS02ˉ056,or MS02ˉ061,or instances with SP3 or later,are not vulnerable to the Slammer worm.
Restrictions: • SQL Critical Update must be run on the local machine. • SQL Critical Update will fix vulnerabilities that it discovers; It cannot be used to simply disable an instance of SQL Server. • SQL Critical Update does not install SP3.It only updates vulnerable files. • SQL Critical Update will fix only MSDE installations that are the same language as the SQL Critical Update language you are running.
The user running SQL Critical Update must have permission to replace SQL Server files in the Program Directory. • SQL Critical Update works only if the ssnetlib.dll file exists for each instance of SQL Server being patched. • SQL Critical Update must target the active node in order to work in a clustered environment.
2.SQL Scan SQL Scan(Sqlscan.exe)scans an individual computer,a Windows domain,or a range of IP addresses for instances of SQL Server 2000 and MSDE 2000,and identifies instances that may be vulnerable to the Slammer worm. SQL Scan runs on Windows 2000 or higher and can identify instances of SQL Server 2000 and MSDE 2000 running on Windows NT4.0,Windows2000,or Windows XP(Professional).
Instances of SQL Server 2000 with Service Pack2(SP2)and security patch MS02ˉ039,MS02ˉ043,MS02ˉ056,MS02ˉ061,or instances with SP3 or later,are not vulnerable. Computers running SQL Server 7.0 and earlier are not vulnerable.
SQL Scan does not locate instances of SQL Server that are running on Windows98,Windows ME,or Windows XP(Home). SQL Scan does not detect instances of SQL Server that were started from the command prompt.
NOTE: In some circumstances,shutdown of an infected SQL Server instance may not complete successfully. You may need to use system management tools to terminate an infected process. SQL Scan requires one of the following items as input: (1)A domain (2)A range of IP addresses (3)A single machine name
SQL Scan must be run with domain administrator privileges when it is used to scan remote machines. Otherwise,you must be an administrator on the local machines.
SQL Scan will not return a conclusive result if either the ssnetlib.dll or sqlservr.exe file has been renamed. If these files have been renamed,you should change the names back to their original names. SQL Scan identifies vulnerable SQL Server instances on clustered machines,but does not disable them. Disabling and shutting down of SQL Server instances must be managed manually.
3.SQL Check • SQL Check scans the computer on which it is running for instances of SQL Server 2000 and MSDE 2000 that is vulnerable to the Slammer worm. SQL Check also identifies vulnerable SQL Server2000clusters,but does not disable them. SQL Check runs on Windows 98,Windows ME,Windows NT 4.0,Windows2000and Windows XP. On computers running Windows NT 4.0,Windows 2000 and Windows XP,it stops and disables the SQL Server and SQL Agent services. On computers running Windows98and Windows ME,it identifies vulnerable instances but does not stop or disable any services.
·SMS Deployment Tool This tool provides a SQLFIX.SMS file that you can use to create a package in SMS to deploy SQL Server Critical Update.
Servpriv.exe • If you are running SQL Server2000Service Pack2(SP2)or MSDE2000SP2and have already applied SQL Critical Update,you must also run the servpriv.exe utility that is included in this package to set the appropriate user rights on the corresponding service registry keys. This utility was first released in the Microsoft Security Bulletin MS02ˉ043.Servpriv.exe automatically runs with SQL Critical Update3.0and the new SQL Critical Update Wizard available in the latest SQL Critical Update Kit. If you are applying SQL Critical Update for the first time,you do not need to run servpriv.exe separately. See the readme_ServPriv.txt file for additional details.
SQL Server Critical Update Wizard The SQL Critical Update Wizard will walk you through the steps of detecting the vulnerability and updating the affected files. The SQL Critical Update Wizard runs on Windows98,Windows ME,Windows NT4.0,Windows2000and Windows XP. If you want to install SQL Critical Update on a cluster,use the SQL Critical Update tool instead of the Wizard.