RE: Compromises SQL Server
From: Donna Lambert [MS] (dlambert@online.microsoft.com)
Date: 08/13/02
- Next message: Donna Lambert [MS]: "RE: Trusted connections"
- Previous message: p: "Login failure from asp.net delegation"
- In reply to: Warren: "Compromises SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: dlambert@online.microsoft.com (Donna Lambert [MS]) Date: Tue, 13 Aug 2002 19:07:13 GMT
Warren,
Here is a snippet from Microsoft article PRB: SQL Server w/ Blank SA
Password Opens Vulnerability to Worm ID: Q313418
<snip>
"For information on how to recover an already compromised system, visit the
independent CERT Coordination Center at the following Web site:
Steps for Recovering from a UNIX or NT System Compromise
http://www.cert.org/tech_tips/win-UNIX-system_compromise.html
Intruder Detection Checklist
http://www.cert.org/tech_tips/intruder_detection_checklist.html
The third-party contact information included in this article is provided to
help
you find the technical support you need. This contact information is
subject to
change without notice. Microsoft in no way guarantees the accuracy of this
third-party contact information."
<snip>
Hope that helps!
Donna Lambert
Microsoft SQL Server Support
Disclaimer:
This posting is provided “AS IS” with no warranties, and confers no rights.
Are you secure? For information about the Microsoft Strategic Technology
Protection Program and to order your FREE Security Tool Kit, please visit
http://www.microsoft.com/security.
Recent viruses on the Internet underscore the threat to all computer users
and highlight challenges facing the entire industry in providing security
that everyone needs to conduct business. I encourage you to sign up to
receive automatic notification of Microsoft Security Bulletins by visiting
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
bulletin/notify.asp. For more information on security, our Strategic
Technology Protection Program and to order your FREE Security Tool Kit,
please visit http://www.microsoft.com/security. We will be happy to answer
any questions or provide assistance with your security needs.
--------------------
| Content-Class: urn:content-classes:message
| From: "Warren" <grayishblackwolf@hotmail.com>
| Sender: "Warren" <grayishblackwolf@hotmail.com>
| Subject: Compromises SQL Server
| Date: Wed, 31 Jul 2002 12:56:10 -0700
| Lines: 4
| Message-ID: <00ec01c238cc$50ec4320$a4e62ecf@tkmsftngxa06>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="iso-8859-1"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Thread-Index: AcI4zFDsLrFDpqaJR0aQ9+fkJ6k5lg==
| X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
| Newsgroups: microsoft.public.sqlserver.security
| NNTP-Posting-Host: TKMSFTNGXA06 10.201.232.165
| Path:
cpmsftngxa08!cppssbbsa01.microsoft.com!news-out.cwix.com!newsfeed.cwix.com!l
ogbridge.uoregon.edu!arclight.uoregon.edu!enews.sgi.com!msrnewsc1!tkmsftngp0
1!tkmsftngxs01!cpmsftngxa07
| Xref: cpmsftngxa08 microsoft.public.sqlserver.security:7346
| X-Tomcat-NG: microsoft.public.sqlserver.security
|
| Our SQL Server has been compromised and is not port
| scanning other servers trying to find ones that have a
| blank SA Password. Has anyone had this problem. How do I
| go about correcting it?
|
- Next message: Donna Lambert [MS]: "RE: Trusted connections"
- Previous message: p: "Login failure from asp.net delegation"
- In reply to: Warren: "Compromises SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
