2.6 Ensure 'Remote Access' Server Configuration Option is set to '0'

Information

The remote access option controls the execution of local stored procedures on remote servers or remote stored procedures on local server.

Rationale:

Functionality can be abused to launch a Denial-of-Service (DoS) attack on remote servers by off-loading query processing to a target.

Solution

Run the following T-SQL command:

EXECUTE sp_configure 'show advanced options', 1;
RECONFIGURE;
EXECUTE sp_configure 'remote access', 0;
RECONFIGURE;
GO
EXECUTE sp_configure 'show advanced options', 0;
RECONFIGURE;

Restart the Database Engine.


Default Value:

By default, this option is enabled (1).

References:

https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/configure-the-remote-access-server-configuration-option

See Also

https://workbench.cisecurity.org/files/2837

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv6|9.1, CSCv7|9.2

Plugin: MS_SQLDB

Control ID: 19cfccccfaf3887a00d1d7c4630bcf9f72f54add05576c6a7abcd1b1840e1ebb