Last Thursday we were hit by a SQL injection attack ... several tables in one of our production DBs had the following string inserted at the beginning of each row:
The above string was inserted into columns of type varchar. The system tables were untouched.
My questions are as follows:
1. What do you advise me to do to ensure that this doesn't happen again (from the DB side, as the developers are doing their part from the UI)?
2. I did an audit and found the following high-risk items:
The public database role has permissions (SELECT, EXECUTE, etc.) in the user DBs and in master: SELECT on all INFORMATION_SCHEMA views, etc.
3. The public server role has the following rights:
CONNECT on Endpoint 'TSQL Local Machine', CONNECT on Endpoint 'TSQL Named Pipes', CONNECT on Endpoint 'TSQL Default TCP', CONNECT on Endpoint 'TSQL Default VIA', VIEW ANY DATABASE on Server, VIEW ANY DEFINITION on Server
How should I restrict access to the public role without affecting the applications that connect using ODBC, OLE DB, etc.?
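The audit in points 2 and 3 can be reproduced and acted on with the catalog views. The script below is an added example, not something from the original poster; it assumes SQL Server 2005 or later, that it is run by a sysadmin, and that the endpoint and role names are the defaults quoted in the post. It lists what public holds at server scope, revokes the two server permissions that can go without breaking client connections, and then generates (rather than runs) the REVOKE statements for explicit grants to public on user objects in each user database.

```sql
-- Added example (not from the original post). Assumes SQL Server 2005+, run as sysadmin.

-- 1. Server scope: everything the public server role holds, with endpoint names resolved.
--    sys.server_permissions.major_id is the endpoint_id when class_desc = 'ENDPOINT'.
SELECT pr.name            AS grantee,
       pe.state_desc,
       pe.permission_name,
       pe.class_desc,
       ep.name            AS endpoint_name
FROM sys.server_permissions AS pe
JOIN sys.server_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
LEFT JOIN sys.endpoints     AS ep ON pe.class_desc = 'ENDPOINT'
                                 AND ep.endpoint_id = pe.major_id
WHERE pr.name = 'public'
ORDER BY pe.permission_name, ep.name;

-- 2. Server scope fixes that do not affect ODBC/OLE DB logins.
--    VIEW ANY DATABASE only controls whether a login can see databases it has no user in;
--    a login still connects to, and sees, any database where it is mapped to a user.
REVOKE VIEW ANY DATABASE FROM public;
--    VIEW ANY DEFINITION lets every login read the definition of every server object;
--    it is not part of the default public grants, so revoke it and find out who granted it.
REVOKE VIEW ANY DEFINITION FROM public;
--    Do NOT revoke CONNECT on the TCP, Named Pipes or Local Machine endpoints from public:
--    every login would then need its own GRANT CONNECT ON ENDPOINT, and anything missed
--    stops connecting. The VIA endpoint can be closed if no client uses the VIA transport:
-- REVOKE CONNECT ON ENDPOINT::[TSQL Default VIA] FROM public;

-- 3. Database scope: explicit grants to public on user objects in every user database.
--    DB_ID() > 4 skips master, tempdb, model and msdb, whose grants to public on the
--    catalog and INFORMATION_SCHEMA views are defaults that tools rely on.
--    The last column is the REVOKE to run, in that database, after review.
EXEC sp_MSforeachdb N'
USE [?];
IF DB_ID() > 4
SELECT DB_NAME()          AS db_name,
       pe.state_desc,
       pe.permission_name,
       s.name             AS schema_name,
       o.name             AS object_name,
       o.type_desc,
       ''REVOKE '' + pe.permission_name
         + '' ON '' + QUOTENAME(s.name) + ''.'' + QUOTENAME(o.name)
         + '' FROM public;''  AS revoke_stmt
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr ON pr.principal_id = pe.grantee_principal_id
JOIN sys.objects              AS o  ON o.object_id     = pe.major_id
JOIN sys.schemas              AS s  ON s.schema_id     = o.schema_id
WHERE pr.name = ''public''
  AND pe.class_desc = ''OBJECT_OR_COLUMN''
  AND o.is_ms_shipped = 0
ORDER BY s.name, o.name, pe.permission_name;';
```

Two things to keep in mind when running the generated revokes. First, the applications do not need public to hold anything: whatever each application's own login or database role is granted directly replaces the public grant, so move the needed SELECT/EXECUTE grants onto a dedicated database role for that application before revoking them from public. Second, the injection in the post could only rewrite every varchar column because the account the web tier connects with had UPDATE on all of those tables; restricting public is worthwhile, but the account the injected SQL ran as is the one whose rights decide how much damage the next injection can do, so review its grants with the same query, substituting its user name for 'public'.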