SQL Server Security

David Litchfield (Sutton, Surrey, England) is a world-renowned security expert specializing in Windows NT and Internet security. His discovery and remediation of over 100 major vulnerabilities in products such as Microsoft's Internet Information Server, SQL Server, and Oracle's Application Server have lead to the tightening of sites around the world. David Litchfield is also the author of Cerberus' Internet Scanner (previously NTInfoscan), one of the world's most popular free vulnerability scanners. In addition to CIS, David has written many other utilities to help identify and fix security holes. David is the author of many technical documents on security issues including his tutorial on Exploiting Windows NT Buffer Overruns referenced in the book "Hacking Exposed". David is a prominent speaker at security conferences worldwide and recently spoke on database security at the 2002 Black Hat Conference.

1: SQL Server Security: The Basics 2: Under Siege: How SQL Server Is Hacked 3: SQL Server Installation Tips 4: The Network-Libraries and Secure Connectivity 5: Authentication and Authorization 6: SQL Server in the Enterprise 7: Auditing and Intrusion Detection 8: Data Encryption 9: SQL Injection: When Firewalls Offer No Protection 10: Secure Architectures Appendix A: System and Extended Stored Procedure Reference Appendix B: Additional Technologies that Impact SQL Server Security Appendix C: Connection Strings Appendix D: Security Checklists