
Only authorized service broker endpoints should be configured on the server.


Overview

Finding ID: V-15165
Version: DM6128-SQLServer9
Rule ID: SV-23857r2_rule
IA Controls: DCFA-1
Severity: Medium
Description
Service Broker endpoints expose the database to SQL Server messaging communication access. Where not carefully designed and implemented, messaging communication can unnecessarily expose the database to additional exploits that compromise data confidentiality and integrity. Removing messaging communication endpoints helps to protect the database from unauthorized messaging communication access.
STIG: Microsoft SQL Server 2005 Instance Security Technical Implementation Guide
Date: 2015-06-16

Details

Check Text (C-13812r2_chk)
From the query prompt:

SELECT name FROM [master].sys.service_broker_endpoints

Review the list of any endpoints returned. If no records are returned, this is Not a Finding.

If any endpoints are returned and are not listed as a required and authorized XML web service endpoint in the System Security Plan, this is a Finding.
Fix Text (F-14832r1_fix)
Authorize and document Service Broker endpoints in the System Security Plan. Where not authorized, drop Service Broker service endpoints.

From the query prompt:

DROP ENDPOINT [endpoint name]
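
The check and fix above can be combined into one review query. The following is an added example, not part of the STIG text: it compares the configured Service Broker endpoints with the list authorized in the System Security Plan and generates, without executing, the DROP ENDPOINT statement for each endpoint that is not on that list. The endpoint name SSP_Authorized_Broker_Endpoint is a constructed placeholder for the names documented in your own System Security Plan.

```sql
-- Added example: compare configured Service Broker endpoints with the SSP list.
-- Uses only syntax available in SQL Server 2005 (no row constructors).
SET NOCOUNT ON;

-- Endpoint names authorized in the System Security Plan.
-- 'SSP_Authorized_Broker_Endpoint' is a constructed placeholder; replace it
-- and add one SELECT ... UNION ALL line per documented endpoint.
DECLARE @authorized TABLE (name sysname PRIMARY KEY);
INSERT INTO @authorized (name)
SELECT N'SSP_Authorized_Broker_Endpoint';

-- One row per configured endpoint, with the settings a reviewer needs to
-- match against the SSP entry. No rows returned means Not a Finding.
SELECT
    sbe.name,
    sbe.state_desc,
    te.port,
    sbe.connection_auth_desc,
    sbe.encryption_algorithm_desc,
    sbe.is_message_forwarding_enabled,
    CASE WHEN a.name IS NULL THEN 'Finding (not in SSP list)'
         ELSE 'Not a Finding'
    END AS check_result
FROM [master].sys.service_broker_endpoints AS sbe
LEFT JOIN [master].sys.tcp_endpoints AS te
       ON te.endpoint_id = sbe.endpoint_id
LEFT JOIN @authorized AS a
       ON a.name = sbe.name COLLATE DATABASE_DEFAULT
ORDER BY check_result, sbe.name;

-- Generate (do not execute) the fix statement for each unauthorized endpoint.
SELECT N'DROP ENDPOINT ' + QUOTENAME(sbe.name) + N';' AS fix_statement
FROM [master].sys.service_broker_endpoints AS sbe
WHERE NOT EXISTS (SELECT 1
                  FROM @authorized AS a
                  WHERE a.name = sbe.name COLLATE DATABASE_DEFAULT);
```

Review the generated statements against the System Security Plan before running any of them; name matching follows the collation of the database the query runs in.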