July 30, 2008 at 9:22 am
Using your logic I could also suggest that the tools necessary to configure IIS shouldn't be installed on a server. After all IIS can accept connections from another machine and allow you to manage it from outside the box. The same goes for most other management tools in Windows that allow administrators to make changes to the server.
Your argument that a server is a server and not a workstation is one of the reasons why Microsoft created the core installation in Windows 2008 (and why Unix\Linux has had this option for ages)...but even in a core installation scenario a server has some tools installed to manage it. That's why I argue the key is to secure access to the server to begin with. Don't get me wrong - I'm not saying go willy-nilly installing things like the BI Development Studio or Visual Studio on your servers; those are development tools. SSMS doesn't have a clear delineation between management tools and development tools when it comes to what it can do. I am suggesting that it's OK to install SSMS on your server for use as a management tool when the poeple who manage the server need it and have the appropriate rights to use it.
I've dealt with SOX auditors before and I know how they like to probe for everything. I've found that they're not so much concerned about what's installed as much as they are about the controls in place to ensure that what's installed is used properly. They want to know there's a mechanism in place to audit that use and alert\report on the exceptions to the rules.
If you really want to secure your server...turn it off! :hehe:
July 31, 2008 at 5:02 am
I am with Kendall on this one. I install SSMS on my production servers because it becomes very necessary in some instances. Such as if you are offsite & need to run or troubleshoot, it is much quicker to remote into the server & work rather than doing all that over a VPN connection.
If you are not installing SSMS to prevent someone from getting into SQL Server, then you have other security issues like Kendall said. Those should people should not have permissions to either remote into the server, physically login into the server or login into SQL server. This should definitely be handled by security in windows or sql & not by not installing management tools. Our system administrators & other IS team members can remote into some of my production servers but they definitely cannot log into SQL server through SSMS. Or if they can, it is with very limited permissions.
just my 2 cents...
John
July 31, 2008 at 8:18 am
I Agree with you, if you want SQLMS on Production server then you can have them with minimum rights, it really depends upon personal requriments of the organization, in my case, we are in middle of migration of datacentre, so we got different firewall configuration, if i need to log into the machine remotely then it will be more useful for me to login directly to the server instead of logging into my machine in office and then work on them to connect to the Live servers. 😀
August 1, 2008 at 7:09 pm
My dear DBA,my nick is Deg,I have been working with sql server 2005 about two years full time the solution for your problem follows below,I own more than 600 stored procedures to solve troubles:
/********************************************************************************/
/* Created By : Degmar Gomes Barbosa
Created On : 2007-04-14
Target: Create a security trigger to avoid Insert-Update-delete without
application
exec [sp_TRI_009_cr_Trigger_mssms] 'put the name of your table here'
*/
/********************************************************************************/
create proc [dbo].[sp_TRI_009_cr_Trigger_mssms]
@tb sysname
AS
SET NOCOUNT ON
declare @doc varchar(max),@stm varchar(max)
set @doc =
'/********************************************************************************/
/* Created By : Degmar Gomes Barbosa */
/* Created On : 2007-04-13 */
-- Target: Create a security trigger to avoid Insert-Update-delete without
-- application
/********************************************************************************/' + char(10)
set @stm = 'CREATE TRIGGER dbo.Tr_Security_mssms_' + @tb + char(10) +
' ON ' + @tb + char(10) +
'after insert,update,delete
AS
BEGIN
SET NOCOUNT ON
declare @chk sysname
set @chk = app_name()
if @chk = ''Microsoft SQL Server Management Studio - Query''
print ''Insert-Update-delete no permission without application''
rollback
END'
set @stm = @doc + @stm
exec(@stm)
Viewing 4 posts - 16 through 18 (of 18 total)
You must be logged in to reply to this topic. Login to reply