Re: Strange failed Logins

From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 09/30/03 

Date: Tue, 30 Sep 2003 15:24:17 -0600

Maybe. Do thoe logins exist in SQL Server? If they do, it
could be a security scanning tool like MSBSA checking for
weak passwords. It could be someone internal trying to get
in, someone hacking, could be a worm on another server or
MSDE, hard to say with any certainty what it is exactly. If
you don't need SQL Server accessibly to the outside world,
then close the ports on the firewall.
In terms of securing your servers, you should check the SQL
Server security resources site for guidelines:
http://www.microsoft.com/sql/techinfo/administration/2000/security/default.asp

-Sue

On Tue, 30 Sep 2003 13:35:48 -0700, "Leo"
<nospam@nospam.com> wrote:

>I have these errors on the erro log:
>
>Login failed for user 'user'
>Login failed for user 'sa'
>Login failed for user 'database'
>Login failed for user 'root'
>Login failed for user 'sql'
>
>Is someone trying to hack my SQL server? I have port 1433
>open. Should I close it?
>
>L.

Relevant Pages

  • Re: SQL or Access DB
    ... As far as encryption goes though... ... with Sql Server you can use SQL DMO and encrypt your stored procedures ... installation - Security was absolutely critical and in most instances, ... > then we create a nice gui around this database and sell it to automotive ...
    (microsoft.public.dotnet.languages.vb)
  • Re: Is there any way to prevent hacker trying to guess sa password?
    ... and port 1433 will not be open. ... If someone can crash SQL Server by connecting to port 1433, ... You don't need multiple security experts. ...
    (microsoft.public.sqlserver.security)
  • Re: Getting to the bottom of MSDE network connection problems ...
    ... Brilliant, Nick, especially the explanation for local network user being ... authenticated as GUEST in WinXP SP2. ... > on a desktop OS like XP (meaning that, you can not compare SQL Server ... > again and selected the security tab. ...
    (microsoft.public.sqlserver.msde)
  • RE: Login failed for user (null).
    ... used at signon to authenticate in SQL Server. ... connect the remote SQL Server database), is there any other data accessing ... What's the security identity used to access the remote SQL Server, ... the worker process identity. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • [NT] SQL Extended Procedure Functions Contain Unchecked Buffers
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... SQL Server 7.0 and 2000 provide extended stored procedures, ... Several of the Microsoft-provided extended stored procedures have been ... Exploiting the flaw could enable an attacker to either cause the SQL ...
    (Securiteam)
Quantcast