SQL server running SQL Server 2000 with the permission of guess

Time:2021-10-21

Due to its own vulnerability in SQL2000 database, hackers can easily obtain system administrator privileges through him.

SQL runs with system permission by default, and the permission is super powerful.

In order to make the server more secure, it is recommended to set SQL2000 to run with the permissions of ghosts, so that even if hackers invade the database, they can not obtain the permissions of system administrator to prevent further damage.

The specific setting method is as follows:

1. Establish an account (assumed as sqlservice here) that belongs to the guess group. Note that other permissions are cancelled and only the guess group is allowed, as shown in the following figure:

2. Enter the SQL Server Security directory and set the “sqlservice” account to have full control permissions.

My local SQL is installed in: D: \ program files \ Microsoft SQL Server \, so the directory where permissions need to be set is: D: \ program files \ Microsoft SQL Server \ MSSQL\

3. Set the root directory of SQL installation disk to have “sqlservice” read permission. My local is disk D.

4. Open SQL enterprise manager, right-click “(local) (Windows NT), and then select” properties “

5. Select “security” in the pop-up window; Select start service account – this account, fill in the newly created sqlservice and password, and then click OK to save.

At this time, you will be prompted whether you need to restart SQL. Select OK to restart.

As shown in the following figure, the user name is “sqlservice”, indicating that it has been set.