Re: Check master ..Sp_password for trojan procedures
From: Sue Hoegemeier (Sue_H@nomail.please)
Date: 07/23/02
- Next message: Sue Hoegemeier: "Re: dropped table..who dunnit"
- Previous message: Joe: "dropped table..who dunnit"
- In reply to: Rajesh Chaturvedi: "Check master ..Sp_password for trojan procedures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Sue Hoegemeier <Sue_H@nomail.please> Date: Tue, 23 Jul 2002 13:49:08 -0600
I guess it depends on what works best for you. You can
always install SQL Server and whatever service packs,
security patches you are running on production and then
compare the newly installed version of sp_password to the
version you have in production.
You primarily want to watch for changes which indicate that
password changes are being logged or sent somewhere - file,
some odd table, sent via email, whatever.
Red Gate has a database compare tool if you wanted to
incorporate that: http://www.red-gate.com/
-Sue
On Tue, 23 Jul 2002 10:20:24 -0700, "Rajesh Chaturvedi"
<chaturve@awii.com> wrote:
>Hi,
>
>In the SQL*SERVER security checklist following points are
>not clear
>
>1) Check master ..Sp_password for trojan procedures. It
>says compare your production scripts to default script on
>a fresh installation and keep that code handy.
>
>How do I go about doing this. Are there any step wise
>procedures for this.
>
>I will really appreciate your help.
>
>Regards,
>
>Raj
>.
>
- Next message: Sue Hoegemeier: "Re: dropped table..who dunnit"
- Previous message: Joe: "dropped table..who dunnit"
- In reply to: Rajesh Chaturvedi: "Check master ..Sp_password for trojan procedures"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
