It seems every week we are bombarded with tons of surveys, that scare us into eating more of this and generally less of everything. Surveys on database health and security are much rarer, but I did notice that David Lichfield is about to publish that latest edition of The Database Exposure Survey 2007.
I would expect that there are a few databases out there that are vulnerable but I was surprised how high this figure is generally and also that it applies more to Oracle than to SQL Server. The basic problem is that the versions in use have known vulnerabilities where the latest versions are better able to deal with threats. To counter this Oracle and Microsoft release patches and best practice advice, but customers are simply not applying the patches or following the advice.
I am not an expert on Oracle but I am sure they are just as keen as we are to help close the gaps and you should contact your reseller and crawl the extensive help on their website. Where I can help is to suggest a few pointers for SQL Server 2000:
Of course if you do want a rapid career change then please ignore this.
PingBack from http://technews.thegeekyblog.com/2007/11/20/sql-server-2000-security/
the site still does not have the 2007 results.