Only authorized service broker endpoints should be configured on the server.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-15165 | DM6128-SQLServer9 | SV-23857r1_rule | DCFA-1 | Medium |
| Description |
|---|
| Service Broker endpoints expose the database to SQL Server messaging communication access. Where not carefully designed and implemented, messaging communication can unnecessarily expose the database to additional exploit that compromises data confidentiality and integrity. Removing messaging communication endpoints helps to protect the database from unauthorized messaging communication access. |
| STIG | Date |
|---|---|
| Microsoft SQL Server 2005 Instance Security Technical Implementation Guide | 2015-04-03 |
Details
| Check Text ( None ) |
|---|
| None |
| Fix Text (F-14832r1_fix) |
|---|
| Authorize and document Service Broker endpoints in the System Security Plan. Where not authorized, drop Service Broker service endpoints. From the query prompt: DROP ENDPOINT [endpoint name] |