Re: Is there a better way

From: Dan Guzman (guzmanda_at_nospam-online.sbcglobal.net)
Date: 12/10/04


Date: Thu, 9 Dec 2004 22:43:29 -0600

If you must use SQL Authentication, assign a strong password for 'sa' and
perform your administration tasks using Windows authentication. If you
don't really need to log in as 'sa', try the script below.

I'm not sure if blocking an IP address is much help. There are a lot of
script kiddies out there and hacking is often done from a compromised
system.

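-- Build a long random password from three GUIDs (108 characters)
DECLARE @StrongPassword sysname
SELECT @StrongPassword =
    CAST(NEWID() AS VARCHAR(36)) +
    CAST(NEWID() AS VARCHAR(36)) +
    CAST(NEWID() AS VARCHAR(36))
-- Display the generated password
SELECT @StrongPassword
-- Set it as the new 'sa' password (old password NULL, run as a sysadmin)
EXEC sp_password NULL, @StrongPassword, 'sa'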

-- 
Hope this helps.
Dan Guzman
SQL Server MVP
"Russell Stevens" <rastevens@aol.com> wrote in message 
news:erRzL%23j3EHA.3380@TK2MSFTNGP09.phx.gbl...
>  I am getting tired of the "I am going to break into your sql server" 
> game. Seems there are lots of folks out there that have nothing better to 
> do than to find SQL servers on the Internet that are listening on port 
> 1433 and keep trying to log on to them via the SA account.
>
>  I must allow access using SQL authentication. I typically can detect 
> these attempts by looking at my server bandwidth and can verify them with 
> the profiler. I can then ban the bad guy's IP number. They then just change 
> IPs and continue until they are satisfied they can't crack the sa password 
> or until they get bored. These guys are particularly lonely on weekends 
> (most attempts occur then).
>
>  Anyway, there must be lots of other users having the same problem - is 
> there an automated tool/program that can detect a bunch of unsuccessful sa 
> logins then ban the source IP? Any other approaches?
>
>  Not quite sure why MS won't allow me to disable or rename the sa account 
> (or perhaps they do and I haven't been able to figure it out). At least 
> that way, the bad guy has to guess both a name and a password instead of 
> just going after sa.
>
> Thanks
>
> 
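
Added example, not part of either post: a sketch of the kind of detector asked about above, counting failed 'sa' logins per client address in a sliding window and also reporting how many distinct sources were seen, which shows why per-IP banning misses an attacker who rotates addresses. It assumes the errorlog layout of later SQL Server releases, which append "[CLIENT: ...]" to login messages; the log lines, thresholds and function names are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample errorlog lines (documentation-range addresses).
# Assumption: the log records the client address, as later releases do.
SAMPLE_LOG = """\
2004-12-11 02:14:01.10 Logon       Login failed for user 'sa'. [CLIENT: 203.0.113.7]
2004-12-11 02:14:09.42 Logon       Login failed for user 'sa'. [CLIENT: 203.0.113.7]
2004-12-11 02:14:30.77 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2004-12-11 02:15:00.00 Logon       Login failed for user 'webapp'. [CLIENT: 192.0.2.10]
2004-12-11 02:16:00.00 Logon       Login succeeded for user 'webapp'. [CLIENT: 192.0.2.10]
2004-12-11 03:00:00.00 Logon       Login failed for user 'sa'. [CLIENT: 198.51.100.1]
2004-12-11 03:00:20.00 Logon       Login failed for user 'sa'. [CLIENT: 198.51.100.2]
2004-12-11 03:00:40.00 Logon       Login failed for user 'sa'. [CLIENT: 198.51.100.3]
2004-12-11 03:01:00.00 Logon       Login failed for user 'sa'. [CLIENT: 198.51.100.4]
2004-12-11 04:00:00.00 Logon       Login failed for user 'sa'. [CLIENT: 203.0.113.9]
2004-12-11 04:10:00.00 Logon       Login failed for user 'sa'. [CLIENT: 203.0.113.9]
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'\..*\[CLIENT: (?P<ip>[^\]]+)\]"
)

def failed_logins(text, user="sa"):
    """Yield (timestamp, client_ip) for each failed login of `user`."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("user").lower() == user:
            yield datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S"), m.group("ip")

def detect(text, threshold=3, window=timedelta(minutes=5)):
    """Return (IPs at or over threshold within window, total failures, distinct sources).

    Assumes the log lines are in chronological order.
    """
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    flagged, total = set(), 0
    for ts, ip in failed_logins(text):
        total += 1
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(ip)
    return sorted(flagged), total, len(recent)
```

On the sample, only one address crosses the per-IP threshold even though nine failed 'sa' attempts arrive from six sources, so the total and source count are the numbers worth alerting on.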

