MSSQL2000安全设置图文教程
Sql server 2000下建立独立帐号数据库方法来实现安全设置,目的是为了就是黑客得到mssql的sa密码,也只是低级的权限,不能进行超级管理员才有的权限。
MSSQL2000Sql server 2000建立独立帐号数据库方法
首先我们启动Sql server 2000数据库,并打开企业管理器连接我们使用的数据库并找到数据库选项,在上面点击 鼠标右键选择新建数据库如下图所示。建立数据库时可以在数据文件,和事件日志中设置数据文件的物理存放位置
然后我们在安全性中找登录项,在上面点击鼠标右键如下图所示。我们将他的默认数据库设置为我们刚刚建立的数据库。如果 系统为英文请将sql server的字符集设置为Chinese_PRC_CI_AS。
然后再将这个帐号映射到数据库中,以限定数据库帐号的范围。
警告:我们不要给数据库分配服务器角色,只需要如图所示赋予public,db_owner。
代码如下:
use master
EXEC sp_dropextendedproc 'xp_cmdshell'
EXEC sp_dropextendedproc 'Sp_OACreate'
EXEC sp_dropextendedproc 'Sp_OADestroy'
EXEC sp_dropextendedproc 'Sp_OAGetErrorInfo'
EXEC sp_dropextendedproc 'Sp_OAGetProperty'
EXEC sp_dropextendedproc 'Sp_OAMethod'
EXEC sp_dropextendedproc 'Sp_OASetProperty'
EXEC sp_dropextendedproc 'Sp_OAStop'
EXEC sp_dropextendedproc 'Xp_regaddmultistring'
EXEC sp_dropextendedproc 'Xp_regdeletekey'
EXEC sp_dropextendedproc 'Xp_regdeletevalue'
EXEC sp_dropextendedproc 'Xp_regenumvalues'
EXEC sp_dropextendedproc 'Xp_regread'
EXEC sp_dropextendedproc 'Xp_regremovemultistring'
EXEC sp_dropextendedproc 'Xp_regwrite'
drop procedure sp_makewebtask
更改默认SA空密码.数据库链接不要使用SA帐户.单数据库单独设使用帐户.只给public和db_owner权限.数据库的自动备份点击“开始”中的“程序”,点击“Microsorft SQL Server”打开“企业管理器”,并打开如图所示的界面,鼠标右击“zbintel117_all”,选“所有任务”,再选“维护计划”。 如果点击“完成”按钮,出现下图界面,说明SQL Server Agent服务停止,应该启用SQL Server Agent服务。 启用“SQL Server Agent”服务
代码如下:
下面内容来自网络仅作为参考,其中
exec sp_dropextendedproc 'Xp_regdelete'
exec sp_dropextendedproc 'Xp_regenums'
内容与上文不同,实际使用以上文为准。
命令删除SQL的扩展
use master
exec sp_dropextendedproc 'xp_cmdshell'
exec sp_dropextendedproc 'xp_dirtree'
exec sp_dropextendedproc 'xp_enumgroups'
exec sp_dropextendedproc 'xp_fixeddrives'
exec sp_dropextendedproc 'xp_loginconfig'
exec sp_dropextendedproc 'xp_enumerrorlogs'
exec sp_dropextendedproc 'xp_getfiledetails'
exec sp_dropextendedproc 'Sp_OACreate'
exec sp_dropextendedproc 'Sp_OADestroy'
exec sp_dropextendedproc 'Sp_OAGetErrorInfo'
exec sp_dropextendedproc 'Sp_OAGetProperty'
exec sp_dropextendedproc 'Sp_OAMethod'
exec sp_dropextendedproc 'Sp_OASetProperty'
exec sp_dropextendedproc 'Sp_OAStop'
exec sp_dropextendedproc 'Xp_regaddmultistring'
exec sp_dropextendedproc 'Xp_regdeletekey'
exec sp_dropextendedproc 'Xp_regdelete'
exec sp_dropextendedproc 'Xp_regenums'
exec sp_dropextendedproc 'Xp_regread'
exec sp_dropextendedproc 'Xp_regremovemultistring'
exec sp_dropextendedproc 'Xp_regwrite'
drop procedure sp_makewebtask
go
恢复扩展存储过程,执行以下语句。
至于sp_makewebtask 这个存储过程你可以从别人那拷贝过来一个脚本,
执行以后生成的存储过程一样可以用。
use master
exec sp_addextendedproc xp_cmdshell,'xp_cmdshell.dll'
exec sp_addextendedproc xp_dirtree,'xpstar.dll'
exec sp_addextendedproc xp_enumgroups,'xplog70.dll'
exec sp_addextendedproc xp_fixeddrives,'xpstar.dll'
exec sp_addextendedproc xp_loginconfig,'xplog70.dll'
exec sp_addextendedproc xp_enumerrorlogs,'xpstar.dll'
exec sp_addextendedproc xp_getfiledetails,'xpstar.dll'
exec sp_addextendedproc sp_OACreate,'odsole70.dll'
exec sp_addextendedproc sp_OADestroy,'odsole70.dll'
exec sp_addextendedproc sp_OAGetErrorInfo,'odsole70.dll'
exec sp_addextendedproc sp_OAGetProperty,'odsole70.dll'
exec sp_addextendedproc sp_OAMethod,'odsole70.dll'
exec sp_addextendedproc sp_OASetProperty,'odsole70.dll'
exec sp_addextendedproc sp_OAStop,'odsole70.dll'
exec sp_addextendedproc xp_regaddmultistring,'xpstar.dll'
exec sp_addextendedproc xp_regdeletekey,'xpstar.dll'
exec sp_addextendedproc xp_regdelete,'xpstar.dll'
exec sp_addextendedproc xp_regenums,'xpstar.dll'
exec sp_addextendedproc xp_regread,'xpstar.dll'
exec sp_addextendedproc xp_regremovemultistring,'xpstar.dll'
exec sp_addextendedproc xp_regwrite,'xpstar.dll'
以上语句是自动生成的。
感兴趣你可以看一下以下语句,上边的语句就是这么生成的。
由于我机器上的扩展存储过程没有drop掉,所以可以生成上边的语句。
create table #temp( name varchar(100),dll varchar(100))
truncate table #temp
insert into #temp
exec sp_helpextendedproc 'xp_cmdshell'
insert into #temp
exec sp_helpextendedproc 'xp_dirtree'
insert into #temp
exec sp_helpextendedproc 'xp_enumgroups'
insert into #temp
exec sp_helpextendedproc 'xp_fixeddrives'
insert into #temp
exec sp_helpextendedproc 'xp_loginconfig'
insert into #temp
exec sp_helpextendedproc 'xp_enumerrorlogs'
insert into #temp
exec sp_helpextendedproc 'xp_getfiledetails'
insert into #temp
exec sp_helpextendedproc 'Sp_OACreate'
insert into #temp
exec sp_helpextendedproc 'Sp_OADestroy'
insert into #temp
exec sp_helpextendedproc 'Sp_OAGetErrorInfo'
insert into #temp
exec sp_helpextendedproc 'Sp_OAGetProperty'
insert into #temp
exec sp_helpextendedproc 'Sp_OAMethod'
insert into #temp
exec sp_helpextendedproc 'Sp_OASetProperty'
insert into #temp
exec sp_helpextendedproc 'Sp_OAStop'
insert into #temp
exec sp_helpextendedproc 'Xp_regaddmultistring'
insert into #temp
exec sp_helpextendedproc 'Xp_regdeletekey'
insert into #temp
exec sp_helpextendedproc 'Xp_regdelete'
insert into #temp
exec sp_helpextendedproc 'Xp_regenums'
insert into #temp
exec sp_helpextendedproc 'Xp_regread'
insert into #temp
exec sp_helpextendedproc 'Xp_regremovemultistring'
insert into #temp
exec sp_helpextendedproc 'Xp_regwrite'
select 'exec sp_addextendedproc '+name+','''+dll+''''
from #temp
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1664
14
1423
52
1317
25
1268
29
1243
24
How to set up security settings in 360 Extreme Browser
Jan 29, 2024 pm 09:51 PM
How should 360 Speed Browser perform security settings? When we use 360 Speed Browser, how should we perform security settings? Let’s introduce it below! We usually use 360 Speed Browser to browse the web. When we use it, we are worried that harmful websites will invade our browser, so we will make some security settings. So how to set them up specifically? The editor has compiled the 360 Speed Browser below. Detailed operation of security settings. If you don’t know how, follow me and read on! Detailed operations for security settings on 360 Speed Browser 1. Open 360 Speed Browser, find the icon with three horizontal lines in the upper right corner, and click to enter. 2. Enter the main settings menu, find the "Options" below, and click to enter. 3. After entering the "Options" interface, on the left
PHP file permission management and security settings
Aug 08, 2023 pm 02:51 PM
PHP file permissions are one of the important measures to protect file security on the server. Properly setting file permissions can prevent malicious users from modifying, deleting, or executing malicious code on files. Therefore, when developing and deploying PHP applications, file permissions must be correctly set and managed to ensure application security. 1. Basic concepts File permissions are divided into three levels, namely user (Owner), user group (Group) and other users (Other). Each level has three permissions, namely read (Re
How to solve the 'Security settings change problem that prompts the pin code is no longer available after Win11 is turned on'
Jan 29, 2024 pm 02:27 PM
When we use win11 system, we will set the pin code to help our computer data. However, many users also show that the security settings on this device have been changed when setting the pin code, and the pin code is no longer available. So what should we do? manage? Users can go into the troubleshooter to make settings. Let this site give users a detailed introduction to what to do if Win11 starts up and it shows that the security settings on this device have been changed and the pin code is no longer available? Bar. What should I do if it shows that the security settings on this device have been changed and the pin code is no longer available when booting up Windows 11? First, on the page where your PIN is unavailable and you need to reset your PIN, hold down the shift key and select Restart. Please wait later will appear, and then enter the reset
Security settings for Nginx access control list (ACL)
Jun 10, 2023 pm 09:55 PM
In today's Internet environment, security has become an important part of any system. Nginx is one of the most popular web servers currently, and its access control list (ACL) is an important tool for protecting website security. A well-set Nginx ACL can help you protect your server and website from attacks. This article will discuss how to set up Nginx access control lists to ensure the security of your website. What is Nginx Access Control List (ACL)? ACL(AccessCon
Nginx HTTP2 protocol optimization and security settings
Jun 10, 2023 am 10:24 AM
As the Internet continues to develop and improve, Web servers have increasingly higher requirements for speed and performance. To meet such demands, Nginx has successfully mastered the HTTP2 protocol and incorporated it into its server's performance. The HTTP2 protocol is more efficient than the earlier HTTP protocol, but it also has specific security issues. This article will introduce you in detail how to optimize Nginx's HTTP2 protocol and security settings. 1. Nginx HTTP2 protocol optimization 1. Enable HTTP2 in N
Nginx performance optimization and security settings
Jun 10, 2023 am 09:18 AM
Nginx is a commonly used web server, proxy server and load balancer with superior performance, security and reliability, and can be used for high-load web applications. In this article, we will explore Nginx performance optimization and security settings. 1. Performance optimization and adjustment of worker_processes parameter worker_processes is an important parameter of Nginx. It specifies the number of worker processes that can be used. This value needs to be based on server hardware, network bandwidth, load type, etc.
IPv6 security settings for Nginx
Jun 10, 2023 pm 02:16 PM
With the popularity of IPv6, more and more websites need to consider the security of IPv6, and Nginx, as a high-performance web server, also needs IPv6 security settings to ensure the safe operation of the website. This article will introduce Nginx’s IPv6 security settings methods and precautions to help administrators better protect the security of the website. Enabling IPv6 support First, it is very important to enable IPv6 support in Nginx. Make sure Nginx is compiled with the correct IPv6 options. At compile time,
Nginx HTTP response headers and security settings practice
Jun 10, 2023 am 10:22 AM
Nginx is a widely used web server and reverse proxy server. While providing high-performance web services, Nginx also has good security performance. In the configuration of Nginx, the correct configuration of HTTP response headers and security settings is one of the important factors to ensure the security of Nginx. This article will introduce Nginx's HTTP response headers and security settings, and provide some practical experience. 1. HTTP response headers HTTP response headers are some HTTP headers returned by the server when responding to client requests.
