SQL Server was hacked need advice
Posted on 2008-06-23
I came into work today to a missing set of tables in a database.
This was a complete order database holding all of our members' orders. (Yikes!)
The database was there, but it was completely empty.
Clicking on it in SQL Server Management did nothing but highlight the name.
After the mini heart attack and the quick check of the classifieds I took stock and restored from a database backup (unfortunately it was a full day old).
My question is about permissions.
What is the best way to secure this database in the future?
Previously in my ignorance and to get this running I set up a bunch of users and did trial and error; in the process I am sure I set some kind of permission that let this happen.
On the Table, I have removed ALL users except one and I have made the password tougher for that one.
I removed all permissions and started over. The one user now has Select, Update, Delete and Insert checked on the permissions section.
On the database permissions section I have the same user with "connect" permissions.
I also have
with "Connect" permissions.
Is this the safest way? I am assuming some hacker or injection script or something caused this?
Are these permissions good enough?
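
The permission layout described in the post, written as T-SQL together with an audit of what is actually granted in the database (an added example, not part of the original post). The database, table and user names are hypothetical, and the objects are constructed for a scratch instance.

```sql
-- Constructed scratch objects; every name here is hypothetical.
CREATE DATABASE OrdersDemo;
GO
USE OrdersDemo;
GO
CREATE TABLE dbo.Orders (OrderId int PRIMARY KEY, MemberId int NOT NULL);
CREATE USER web_app WITHOUT LOGIN;  -- stands in for the one remaining user
GO

-- The grants the post describes: CONNECT on the database,
-- SELECT/INSERT/UPDATE/DELETE on the table, nothing else.
GRANT CONNECT TO web_app;
GRANT SELECT, INSERT, UPDATE, DELETE ON OBJECT::dbo.Orders TO web_app;
GO

-- 1) Explicit grants and denies at database level and on user objects.
--    Users or permissions left over from earlier trial and error show up here.
SELECT pr.name AS principal_name, pr.type_desc AS principal_type,
       pe.state_desc, pe.permission_name, pe.class_desc,
       o.name AS object_name
FROM sys.database_permissions AS pe
JOIN sys.database_principals AS pr
  ON pr.principal_id = pe.grantee_principal_id
LEFT JOIN sys.objects AS o
  ON pe.class = 1 AND o.object_id = pe.major_id
WHERE pe.class = 0 OR o.object_id IS NOT NULL
ORDER BY pr.name, pe.permission_name;

-- 2) Role memberships. A member of db_owner or db_ddladmin can drop tables
--    regardless of what is ticked on the table itself.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
ORDER BY r.name, m.name;

-- 3) Effective permissions as the application user. DROP TABLE needs
--    CONTROL on the table, ALTER on its schema, or db_ddladmin membership.
EXECUTE AS USER = 'web_app';
SELECT permission_name
FROM sys.fn_my_permissions('dbo.Orders', 'OBJECT')
WHERE subentity_name = '';
SELECT HAS_PERMS_BY_NAME('dbo.Orders', 'OBJECT', 'CONTROL') AS has_table_control,
       HAS_PERMS_BY_NAME('dbo', 'SCHEMA', 'ALTER') AS has_schema_alter;
REVERT;
GO
```

Queries 1 to 3 can be run unchanged against an existing database by switching the `USE` target and the user name.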