The Main Threats To A Database Server

The main threats to a database server are:

• SQL injection
• Network eavesdropping
• Unauthorized server access
• Password cracking

See Securing Your Database Server in more detail. I didn't pay attention to network eavesdropping before. To counter network eavesdropping:

• Use Windows authentication to connect to the database server to avoid sending credentials over the network.
• Install a server certificate on the database server. This results in the automatic encryption of SQL credentials over the network.
• Use an SSL connection between the Web server and database server to protect sensitive application data. This requires a database server certificate.
• Use an IPSec encrypted channel between Web and database server.

I need to dig more on the last three countermeasures.