Linked Servers are an easy way to connect between different SQL Server instances without too much hassle and application development overhead. But, if not configured correctly, they can also serve as a dangerous security vulnerability.
When configuring the security settings of a linked server, it’s possible to set a “default” authentication setting (where it says “For a login not defined in the list above, connections will:“):
You would be surprised how often we meet customers that use Linked Servers with this extremely dangerous configuration mistake.
For this reason, I wrote a blog post detailing the reasons behind this danger, how to detect it, how it can be exploited, and how to avoid it.
In fact, this mistake was so common, that we decided to add it to our list of standard best practice checks as part of our Data Architecture Review service, and even as an automated alert in our Managed Remote DBA Service - DBSmart.