As we all know, there is an account in M$sql that is definitely a cybersecurity hazard, system administrator (sa), which by default is assigned to the fixed server role sysadmin and cannot be changed. This SA is generally neither able to change the name nor delete it, hehe, it tastes a bit tasteless, it's a pity to dispose of it, and it's tasteless to eat. After installing sql2000, I feel weird anyway, with this back door there, I am always worried, worried that one day someone will crack the password, and the puppet computer will not be pulled out, and I will be in the underworld for so many days. Maybe you say that you set a stronger password, this method is feasible, but it is not a long-term memory, the so-called grass cutting must be eradicated, if the SA is deleted, there is no need to worry about those "hackers" brute force cracking. Hehe, the previous said that pulling for a long time is nonsense, maybe you have seen it impatiently pulling, okay, let's get to the point, let's follow me to unload the sa eight pieces first open the enterprise manager in SQL, and then select the SQL server configuration attributes in the tools tab in order, click on the server settings, and see the box in front of the box in front of allowing direct modification of the system directory, click on it, okay. Then open the query analyzer and log in (hehe, whatever account you use to enter, but you must have db_owner permissions in the master database) and enter
update sysxlogins set name='The name you want to change' where sid=0x01 update sysxlogins set sid=0xE765555BD44F054F89CD0076A06EA823 where name='The name you want to change'
, OK, the execution is successful, easy to pull, transfer the login in the enterprise manager to refresh the security, see, sa has become xwq pull, hehe, select xwq and click right-click, how about the option to pull and delete appears, hehe, delete. See if the sa is no longer pulled.
Postscript
How to delete SA directly in the query analyzer
How to delete SA directly in the query analyzer is similar to what was said before, except that this time it is not a trick in the enterprise manager, but uses the powerful stored procedures provided by SQL to complete this task. Below is what I mean by the stored procedure sp_configure that needs to be leveraged sp_configure display or change the global configuration settings of the current server. Its syntax: sp_configure [ [ @configname = ] 'name' ][ , [ @configvalue = ] 'value' ]
Example: sp_configure 'allow updates', 1goRECONFIGURE WITH OVERRIDEgo pull, so that we can update the system table pull, and then pull update sysxlogins set name='the name you want to change' where sid=0x01, and then delete 'the name you changed your name' But pay attention to the sp_ Execute permissions without a parameter (or only the first parameter) on configure are granted to all users by default. The execution permission permission for the sp_configure (for changing configuration options) with two parameters grants sysadmin and serveradmin fixed server roles by default. The RECONFIGURE permission grants the sysadmin fixed server role and the serveradmin fixed server role by default and cannot be transferred. It has to be db_owner in master. The safest way to change and delete a default SA account in SQL2000
|
Posted on 11/26/2014 3:49:01 PM
|
|
|
Posted on 12/8/2014 10:57:57 AM
