If a thief yanks (technical term) a hard-drive containing a SQL Server 05 database from a server and then installs it on a server in a different domain, is there any way he could connect to it? This question assumes that a hacker didn't somehow transfer the domain logins.
Could the local admin even add himself as a user to the database without having the admin login information from the previous domain?
Thanks,
As the server is attached by a sysadmin (no matter if its a malicious domain :-) ) the sysadmin will have full access to the database. Thats why the access to the physical files also has to be secured rather than just the logical access through autorization.
See this recently answered post: http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=801002&SiteID=1
HTH, Jens K. Suessmeyer.
http://www.sqlserver2005.de
No comments:
Post a Comment