Re: My SQL 7 server was hacked through to store files onto. Please help

From: scuby (scuby@cove.net)
Date: 12/26/02 

From: "scuby" <scuby@cove.net>
Date: Thu, 26 Dec 2002 10:32:00 -0800

yes, the server is exposed to the internet. I'm not sure
how they got in. I'm assuming they came through SQL... I
haven't seen any new usernames created. Any further
advice?

>-----Original Message-----
>Is your server exposed to the internet ? It's very
>easy to get control of a SQL server (especially
>since you are on SP1), there are numerous buffer
>overflows and privelige escalation vulnerabilities
>available to the creative hacker. Also SQL logins
>and passwords are extremely easy to hack. Is there
>any indication SQL was hacked (any new logins / new
>members of sysadmin role, startup procedures ?)
>Have you checked for any new local NT users that look
>suspicious.
>
>--
>HTH
>
>Jasper Smith (SQL Server MVP)
>
>I support PASS - the definitive, global
>community for SQL Server professionals -
>http://www.sqlpass.org
>
>"scuby" <scuby@cove.net> wrote in message
>news:065901c2ad0a$936eb720$d7f82ecf@TK2MSFTNGXA14...
>> My SQL 7 sp1 server on windows 2000 was hacked through
>> last night. there was a folder made under the winnt
>> directory and then it was filled with mp3's, music,
>> video's and all sorts of stuff. How would that person
get
>> through to do that? Could he have hacked in through
SQL?
>>
>> Thanks in advance!
>>
>> Mike
>
>
>.
>