Re: Changing passwords / Blocking SA login attempts
From: BP Margolin (bpmargo@attglobal.net)
Date: 02/12/03
- Next message: djc: "Re: general architecture question (info needed a.s.a.p)"
- Previous message: linda deng[MSFT]: "RE: Further facts..."
- In reply to: Fox: "Changing passwords / Blocking SA login attempts"
- Next in thread: Fox: "Re: Changing passwords / Blocking SA login attempts"
- Reply: Fox: "Re: Changing passwords / Blocking SA login attempts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "BP Margolin" <bpmargo@attglobal.net> Date: Wed, 12 Feb 2003 06:22:36 -0500
Fox,
Changing a Windows password is always completely invisible to SQL Server.
The Windows login is completely separate from a SQL Server login, unless you
are using Windows Authentication.
If you are using SQL Server Authentication, then one doesn't even have to
have a Windows login in order to connect ... for example Unix users and Mac
users could connect to SQL Server via SQL Server Authentication without
having a Windows login.
One can not delete the SA account. One can effectively disable the SA
account by going to Windows Authentication, which tends to be more secure
than Mixed Authentication anyway.
I'm guessing you're logging attempts to connect because you want to see
exactly this type of information ... i.e., potential hackers. If you are not
interested in seeing failed login attempts, you can turn off the logging via
Enterprise Manager: right-click the SQL Server instance name, and choose
Properties, go to the Security tab, and change the audit level.
-------------------------------------------
BP Margolin
Please reply only to the newsgroups.
When posting, inclusion of SQL (CREATE TABLE ..., INSERT ..., etc.) which
can be cut and pasted into Query Analyzer is appreciated.
"Fox" <fox@connexions.net> wrote in message
news:OPAIE$n0CHA.1764@TK2MSFTNGP10...
> I want to tighten security up on my Windows 2000 Server and SQL.
> If I change my PW in Windows, will this mess up my SQL login ?
> Do I need to re-add or change myself in SQL. Also, what about ADMIN.
> I want to change that in Windows as well, will it need to be changed
> somehow in SQL ? Sorry to be dumb, but we all are until we have answers.
> Only been using SQL for a few weeks and I am getting slammed by
> attempts to log in to the tune of thousands a day.
>
> Note: Is there a way to stop any attempts to log into the SA account.
> I am not using it, unless there is some systemic use I am not aware of.
> Is it entirely deletable or will that kill the server ?
>
> They are filling my logs with thousands of entries while doing this.
> It seems automated and runs for a while every day. I would love
> to block these attempts or at least get it out of my logs.
>
> Thanks,
> Fox
>
>
- Next message: djc: "Re: general architecture question (info needed a.s.a.p)"
- Previous message: linda deng[MSFT]: "RE: Further facts..."
- In reply to: Fox: "Changing passwords / Blocking SA login attempts"
- Next in thread: Fox: "Re: Changing passwords / Blocking SA login attempts"
- Reply: Fox: "Re: Changing passwords / Blocking SA login attempts"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
