
Unauthorized database links should not be defined and active.


Overview

Finding ID: V-3818
Version: DG0075-SQLServer9
Rule ID: SV-24090r2_rule
IA Controls: DCFA-1
Severity: Medium
Description
DBMS links provide a communication and data transfer path definition between two databases that may be used by malicious users to discover and obtain unauthorized access to remote systems. Database links between production and development DBMSs provide a means for developers to access production data not authorized for their access or to introduce untested or unauthorized applications to the production database. Only protected, controlled, and authorized downloads of any production data to use for development should be allowed. Only applications that have completed the configuration management process should be introduced by the application object owner account to the production system.
STIG: Microsoft SQL Server 2005 Instance Security Technical Implementation Guide
Date: 2015-06-16

Details

Check Text (C-20339r2_chk)
If this is not a production database, this check is Not Applicable.

Note: SQL Server check DG0190 addresses authorization of all defined remote and linked databases.

Review documentation for definitions of authorized external interfaces. The documentation should include:

1. Any remote access to the database
2. The purpose or function of the remote connection
3. Any access to data or procedures stored externally to the local DBMS
4. Any network ports or protocols used by remote connections
5. Whether the remote connection is to a production, test, or development system
6. Any security accounts used by the DBMS to access remote resources or objects

To view remote and linked servers:

-- server_id 0 is the local instance itself, so it is excluded
SELECT name
FROM [master].sys.servers
WHERE server_id <> 0
ORDER BY name

If any database links are defined between the production database and any test or development databases, this is a Finding.

If the documentation for remote interfaces does not exist or is incomplete in the System Security Plan and AIS Functional Architecture documentation, this is a Finding.
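The following T-SQL is an added worked example, not part of the STIG text: it extends the query above to pull the attributes the documentation must cover (provider, data source, login mappings) and then compares the defined links against a documented inventory. The #authorized_links table and the 'RPTSRV01' row are constructed placeholders for the System Security Plan inventory; the catalog views used (sys.servers, sys.linked_logins, sys.server_principals) exist in SQL Server 2005 and later.

```sql
-- Added example (not from the STIG): inventory every remote/linked server
-- with the attributes the check requires, then flag links that are either
-- undocumented or documented as pointing at a test/development system.

-- Constructed stand-in for the documented inventory; load it from the real
-- System Security Plan / AIS Functional Architecture documentation.
CREATE TABLE #authorized_links (
    server_name  sysname       NOT NULL,  -- name as it appears in sys.servers
    environment  varchar(16)   NOT NULL,  -- 'production', 'test' or 'development'
    purpose      nvarchar(200) NOT NULL   -- documented function of the link
);
INSERT INTO #authorized_links (server_name, environment, purpose)
VALUES ('RPTSRV01', 'production', 'Nightly reporting extract');  -- constructed sample

-- 1. Inventory: one row per defined link and per login mapping it uses.
--    server_id 0 is the local instance, so it is excluded.
SELECT s.name,
       s.product,
       s.provider,
       s.data_source,
       s.is_linked,
       s.is_remote_login_enabled,
       s.is_rpc_out_enabled,
       -- local_principal_id 0 means the mapping applies to all local logins
       COALESCE(p.name, '(all logins)') AS local_login,
       CASE WHEN ll.uses_self_credential = 1 THEN '(self)'
            ELSE ll.remote_name END       AS remote_login
FROM sys.servers AS s
LEFT JOIN sys.linked_logins     AS ll ON ll.server_id    = s.server_id
LEFT JOIN sys.server_principals AS p  ON p.principal_id  = ll.local_principal_id
WHERE s.server_id <> 0
ORDER BY s.name, local_login;

-- 2. Findings: any link with no documentation entry, or whose documented
--    environment is not production, is a Finding under this check.
SELECT s.name,
       CASE
           WHEN a.server_name IS NULL       THEN 'Finding: link not documented'
           WHEN a.environment <> 'production'
                THEN 'Finding: link to ' + a.environment + ' system'
       END AS result
FROM sys.servers AS s
LEFT JOIN #authorized_links AS a ON a.server_name = s.name
WHERE s.server_id <> 0
  AND (a.server_name IS NULL OR a.environment <> 'production');

DROP TABLE #authorized_links;
```

An empty result from the second query means every defined link is documented and marked production; any row returned is a Finding to record and remediate per the Fix Text.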
Fix Text (F-24627r1_fix)
Document all remote or external interfaces used by the DBMS to connect to or allow connections from remote or external sources in the System Security Plan and AIS Functional Architecture documentation.

Include with the documentation as appropriate, any network ports or protocols, security accounts, and the sensitivity of any data exchanged.

Do not define or configure database links between production databases and test or development databases.

Delete any links or remote server definitions between production and test or development databases.