MSDE/SQL Checker Tool

From: Jerry Bryant [MSFT] (jbryant@online.microsoft.com)
Date: 01/27/03 

From: "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com>
Date: Mon, 27 Jan 2003 10:17:23 -0800

We hope to have a download location for this tool later today but as of
right now, it is not publicly accessible. Please veiw the readme file on
it's use (posted below). In the mean time, if you would like to get this
tool, please call 1-866-PCSafety and ask for it directly and it will be
emailed to you.

Disclaimer
=============
THIS CODE AND INFORMATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR
PURPOSE.
This tool is provided to help diagnose version information on SQL Server and
MSDE applications.

SSCHECK.EXE SQL SLAMMER CHECKER
===============================

SQL Slammer Check is used to query the SQL Server and MSDE configuration on
a machine and output the version information for MSDE and the service pack
level. Optionally, SSCHECK will disable ALL SQL Server and MSDE instances on
a server that are not properly patched with SQL Server and MSDE Sp2 and the
Microsoft security update MS02-061.

This tool can be wrapped inside of a logon script, batch file or SMS script
to be customized for any environment. It will output verbose results or
return codes for easier integration into your scripts.

The default behavior is to return an ERRORLEVEL when run with no parameters.

SYSTEM REQUIREMENTS
===================

 NT 4.0, Windows 2000, Windows XP Pro

USAGE:
======
SSCheck checks for the version info on ssnetlib.dll and sqlservr.exe, and
takes the following action based on the versions of both files

If SSnetlib.dll >= 534 and SSnetlib < 636 - SP2 installed but instance is
vulnerable
If SSnetlib.dll < 534 SP2 not installed and instance is vulnerable
If SSNetlib.dll > 636 instance not vulnerable

You can run sscheck /? for the command line options
 sscheck.exe (/d will shut off the SQL and/or MSDE services on a machine
that is at risk)
 sscheck.exe (/v will turn on verbose mode else this is quite)
 sscheck.exe (/? will list all option switches and usage)

IF YOU CHOOSE TO DISABLE THE SERVICE
=====================================
Note the MSSQLSERVER and SQLSERVERAGENT services must be enabled but not
started before you apply the security patch found in Q316333 or SP3. To do
this,
1. Go to the Control Panel
2. Go to Administrative Tools
3. Go to the Services applet and double click the SQL Agent Services.
4. Change the Startup Type to Manual or Automatic.
5. Click Apply.
6. Apply the security patch found in Q316333 or SP3.

VERBOSE RESULTS (/V Option:
==================================

"This machine is not running MSDE"

NT4.0 output: "OS is NT 4.0"

"This machine has MSDE on it but MS02-061 has been applied"

"This machine has version of ssnetlib.dll greater than 2000.80.532 and less
than 2000.80.636.00 on it This machine needs to have Q317748 and MS02-061
applied"

"This Machine is running NT 4.0 You need to apply Q258437 before applying
any other hotfix"

"File Version of ssnetlib.dll on this machine is:"

NUMERIC RETURN CODES:
=====================

This application will return the following:

 0 - only if the version is 2000.80.679.00 or higher or SQL Server/MSDE is
not installed
 1 - if the version is between 2000.80.636.00 and 2000.80.532.00
 2 - if the OS is NT4.0 and if the version is between 2000.80.679.00 and
2000.80.532.00
 3 - if the version is >= 2000.80.636.00 and < 2000.80.679.00 where the
MS02-061 is recommended to be installed
 4 - if the version is below SP2
 255 - if there is an error. 

-- 
Regards,
Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities
Get Secure! http://www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.

Relevant Pages

  • RE: MSDE, Access, SharePoint... I am not sure where to ask this qu
    ... 1.>> What is the difference between MSDE and WMSDE? ... MSDE that is targeted for use by Windows components only. ... isn't SQL Server Express replacing MSDE and WMSDE? ... Microsoft CSS Online Newsgroup Support ...
    (microsoft.public.windows.server.sbs)
  • Double Quotes Fail, Single Succeed
    ... I am trying to run the script that came with the .Net SDK to install their ... If I change the double quotes around Soda to single quotes, ... I thought the MSDE app was very close to SQL Server in support. ...
    (microsoft.public.sqlserver.programming)
  • MSDE/SQL Checker Tool
    ... MSDE applications. ... SQL Slammer Check is used to query the SQL Server and MSDE configuration on ... This tool can be wrapped inside of a logon script, ... started before you apply the security patch found in Q316333 or SP3. ...
    (microsoft.public.security)
  • Re: Put database on Internet
    ... > Once you will be able to connect to MSDE or to SQL-Server, ... > and ADP in the same time as frontends to your database. ... >> will be able to serve as SQL server. ...
    (microsoft.public.access.dataaccess.pages)
  • Re: Need help & support regarding MBSA 2.1 beta 2
    ... Issue: Local Account Password Test ... Check is skipped on Windows XP Home Edition computers. ... SQL Server and/or MSDE authentication mode is set to Windows ...
    (microsoft.public.security)