RE: SQL Worm
From: David SheafferMS (dsheaff@onlinemicrosoft.com)
Date: 05/21/02
- Next message: Ashwin Kowtha [MS]: "RE: Security Patch Woes"
- Previous message: Pedro Barros: "RE: Managing Project 2000 Database users"
- In reply to: Tim Blizard: "SQL Worm"
- Next in thread: Sue Hoegemeier: "Re: SQL Worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dsheaff@onlinemicrosoft.com (David SheafferMS) Date: Tue, 21 May 2002 14:56:35 GMT
Tim,
You may want to enabling login auditing in SQL Server. You can audit
both successful and failed login attempts to SQL Server. To enable
auditing use Entperprise Manager, select the server and right mouse click
and choose Properties. Auditing can be enabled on the Security tab. You
will need to restart SQL Server for auditing to become effective.
Also to identify the culprit process/workstation you can use the
following query:
select * from master..sysprocesses
Output will contain program name, host name, NT account etc which might
help in identifying the process.
This posting is provided 'AS IS' with no warranties, and confers no rights.
- Next message: Ashwin Kowtha [MS]: "RE: Security Patch Woes"
- Previous message: Pedro Barros: "RE: Managing Project 2000 Database users"
- In reply to: Tim Blizard: "SQL Worm"
- Next in thread: Sue Hoegemeier: "Re: SQL Worm"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
