0

For some time now, I have been fighting against CIOs who are imposing increasingly frequent shutdowns of database servers under the pretext of security. I nevertheless think that these regular shutdowns of RDBMS-type servers like Microsoft SQL Server go completely against security, especially when they are systematic, as is the case with Windows Updates. Let me explain by taking the case of SQL Server... Each time we stop the SQL Server service or the virtual machine, or reboot the physical server, the database files, which are locked for the exclusive use of SQL Server, become vulnerable at the moment of the stop. One of my clients who had a massive attack on his RDBMS saw all the files of his databases under Linux encrypted, while the files of the SQL Server databases under Windows were not... Thinking he was doing the right thing, supposedly to protect the MS SQL Server instances, he stopped them, and those files were encrypted!

I have just written a paper on this subject in order to warn about this practice, which I consider very bad.

Of course you have to pass the Windows and SQL Server patches... but there is no point in passing them if these patches do not contain a CVE or do not correct a problem that we obviously have... In other words, there is no urgency to pass these patches if we are not concerned by them in terms of vulnerabilities or functional corrections.

The question is: are you pro or con a systematic shutdown of servers?

2
  • I don't see any question here. This is a Q&A site, not a place for debates or discussions. Voting to close the "question". Commented Sep 8, 2023 at 10:53
  • The problem is that if a reboot is a problem, you already have malware. I would prefer not having malware in the first place. Commented Sep 8, 2023 at 11:16

1 Answer

1

You were lucky, that's all.
Yes, SQL Server keeps files locked while it's running but, eventually, a Windows update (or whatever) would have taken the server down and the virus would have gotten to your data files.

The more fundamental issue, here, is that you got a virus onto your database server that could infect your data files!

Fix the right problem.
With properly-configured anti-virus protection running on your servers, it shouldn't matter if and when you shut down your databases.

As to pre-screening Windows Updates: do you really want to be poring over Microsoft documentation each and every time they put out any sort of update that might apply to server [estate]? Sounds like a full-time job in itself to me.
