Don't connect it to the internet :D

Make sure that all the relevant patches have been applied. Avoid the use of
dynamic SQL - this can allow SQL insertion attacks. Ensure that SA
passwords are set, and strong (ie mix of letters and numbers). Set up
Database roles for general access, and limit what each role can do to _only_
what is needed, eg Datareader should not be able to execute stored
procedures. Use views to present data, rather than query underlying tables.
Buy a book on system security ( and read it!)

HTH

Chris

-----Original Message-----
From: !! Ashutosh !! [mailto:[Email Address Removed] 27 August 2003 11:25
To: LazyDBA.com Discussion
Subject: Hacking


Hi All,

Please advice me how to protect the database from hacking.

Regards
Ashutosh
MS Sql Server LazyDBA home page