|
|
|
|
|
Database Scanner 3.0.1 1 2 3 4 5 6 7 8 9 10 User IDs are very simple. You do not want to have guest accounts enabled, nor do you want mismatched or orphaned IDs. I leave the defaults here.
Restricting login hours is very sticky. Most systems need to be accessible 24x7, but still have tight security. Most security attacks occur after the administrators have gone home for the day. The only place Database Scanner can compare this information is to the logon hours restrictions on the NT accounts or in seeing who is logged on when a scan is run. While it is nice to have this feature, I do not use it. The vast majority of SQL Servers are run with standard security. Since Database Scanner is run manually, checking login hours doesn't gain you anything because it will only detect what it finds when it is scanned and the person who would initiate the scan has already gone home for the day.
|
All content on this site, except where noted, represents an original work of Michael R. Hotek and is protected by applicable copyright laws. The SQL Server FAQ is the sole work of Neil Pike. No page, portion of a page, or download may be used for commercial purposes in whole or in part without the express, written permission of the applicable author.
