DBMS default account names should be changed.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15638 | DG0131-SQLServer9 | SV-21454r2_rule | IAIA-1 IAIA-2 | Low |
| Description |
|---|
| Well-known DBMS account names are targeted most frequently by attackers and are thus more prone to providing unauthorized access to the database. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-06-16 |
Details
| Check Text ( C-23618r2_chk ) |
|---|
| From the query prompt: SELECT name FROM [master].sys.sql_logins WHERE name = 'sa' If the value returned for Name is 'sa', this is a Finding. |
| Fix Text (F-20135r1_fix) |
|---|
| From the query prompt: ALTER LOGIN sa WITH NAME = '[new sa name]' Replace [new sa name] with a custom-supplied name. |