Today I was runing a Squirral scan on a sql server 2000 instance found many security isssues so I bolg out the fixes done to that setting..
EXEC sp_MSforeachdb 'USE [?];
SELECT * FROM sysusers;'
GO
USE <Database Name>
GO
EXEC sp_revokedbaccess 'guest'
GO
use master revoke execute on xp_regread to public
use master revoke execute on xp_instance_regread to public
use msdb; revoke execute on sp_add_job to public; use master
use msdb; revoke execute on sp_add_jobserver to public; use master
use msdb; revoke execute on sp_add_jobstep to public; use master
use msdb; revoke execute on sp_start_job to public; use master
use msdb
revoke execute on sp_purge_jobhistory to public
revoke execute on sp_help_jobhistory to public
revoke execute on sp_delete_jobserver to public
revoke execute on sp_help_jobserver to public
revoke execute on sp_get_jobstep_db_username to public
revoke execute on sp_update_jobstep to public
revoke execute on sp_delete_jobstep to public
revoke execute on sp_help_jobstep to public
revoke execute on sp_add_jobschedule to public
revoke execute on sp_update_jobschedule to public
revoke execute on sp_delete_jobschedule to public
revoke execute on sp_help_jobschedule to public
revoke execute on sp_add_job to public
revoke execute on sp_update_job to public
revoke execute on sp_delete_job to public
revoke execute on sp_help_job to public
revoke execute on sp_get_job_alerts to public
revoke execute on sp_stop_job to public
revoke execute on sp_check_for_owned_jobs to public
revoke execute on sp_check_for_owned_jobsteps to public
use master
use master revoke execute on sp_readwebtask to public
use master revoke execute on sp_runwebtask to public
use master
exec sp_dropextendedproc 'sp_OACreate'
exec sp_dropextendedproc 'sp_OADestroy'
exec sp_dropextendedproc 'sp_OAGetErrorInfo'
exec sp_dropextendedproc 'sp_OAGetProperty'
exec sp_dropextendedproc 'sp_OAMethod'
exec sp_dropextendedproc 'sp_OASetProperty'
exec sp_dropextendedproc 'sp_OAStop'
EXEC sp_MSforeachdb 'USE [?];
SELECT * FROM sysusers;'
GO
USE <Database Name>
GO
EXEC sp_revokedbaccess 'guest'
GO
use master revoke execute on xp_regread to public
use master revoke execute on xp_instance_regread to public
use msdb; revoke execute on sp_add_job to public; use master
use msdb; revoke execute on sp_add_jobserver to public; use master
use msdb; revoke execute on sp_add_jobstep to public; use master
use msdb; revoke execute on sp_start_job to public; use master
use msdb
revoke execute on sp_purge_jobhistory to public
revoke execute on sp_help_jobhistory to public
revoke execute on sp_delete_jobserver to public
revoke execute on sp_help_jobserver to public
revoke execute on sp_get_jobstep_db_username to public
revoke execute on sp_update_jobstep to public
revoke execute on sp_delete_jobstep to public
revoke execute on sp_help_jobstep to public
revoke execute on sp_add_jobschedule to public
revoke execute on sp_update_jobschedule to public
revoke execute on sp_delete_jobschedule to public
revoke execute on sp_help_jobschedule to public
revoke execute on sp_add_job to public
revoke execute on sp_update_job to public
revoke execute on sp_delete_job to public
revoke execute on sp_help_job to public
revoke execute on sp_get_job_alerts to public
revoke execute on sp_stop_job to public
revoke execute on sp_check_for_owned_jobs to public
revoke execute on sp_check_for_owned_jobsteps to public
use master
use master revoke execute on sp_readwebtask to public
use master revoke execute on sp_runwebtask to public
use master
exec sp_dropextendedproc 'sp_OACreate'
exec sp_dropextendedproc 'sp_OADestroy'
exec sp_dropextendedproc 'sp_OAGetErrorInfo'
exec sp_dropextendedproc 'sp_OAGetProperty'
exec sp_dropextendedproc 'sp_OAMethod'
exec sp_dropextendedproc 'sp_OASetProperty'
exec sp_dropextendedproc 'sp_OAStop'
No comments:
Post a Comment
http://www.facebook.com/?ref=logo#!/SqlServer2008Tutorial