Re: Is the SA login secure
From: Derrick Leggett (derrickleggett_at_yahoo.com)
Date: 12/30/04
- Previous message: Jasper Smith: "Re: Is the SA login secure"
- In reply to: Jasper Smith: "Re: Is the SA login secure"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 29 Dec 2004 18:45:18 -0600
To add to Jasper's comments, it really is best to NEVER use the sa username
and password. Make it two miles long, store it in a password vault, and
change it every 30 days just for fun. Use AD security to create an
administrative account the DBA uses. Change that password regularly as
well.
"Jasper Smith" <jasper_smith9@hotmail.com> wrote in message
news:Olkb7fg7EHA.128@TK2MSFTNGP15.phx.gbl...
> It is encrypted but it's very weak. If someone captured a network trace of
> you logging in they would indeed be able to determine the password fairly
> easily. If you want to see how easy it is, below is an example:
>
> --this is an example of a captured password packet
> --actual password used was thequickbrownfox
> /*
> e2 a5 23 a5 f3 a5 b2 a5 f2 a5 33 a5 s.a...#. ......3.
> 000000B4 93 a5 13 a5 83 a5 82 a5 53 a5 d2 a5 43 a5 c3 a5 ........ S...C...
> 000000C4 53 a5 22 a5
> */
> -- need to strip out the non password bytes
> /*
> e2 a5 23 a5 f3 a5 b2 a5 f2 a5 33 a5 93 a5 13 a5 83 a5 82 a5 53 a5 d2 a5 43
> a5 c3 a5 53 a5 22 a5
> */
> --form varbinary
> declare @packet varchar(500)
> set @packet = 'e2 a5 23 a5 f3 a5 b2 a5 f2 a5 33 a5 93 a5 13 a5 83 a5 82 a5 53 a5 d2 a5 43 a5 c3 a5 53 a5 22 a5'
> set @packet = '0x'+REPLACE(@packet,' ','')
> select @packet
> --decode
> select dbo.decoder(0xe2a523a5f3a5b2a5f2a533a593a513a583a582a553a5d2a543a5c3a553a522a5)
> as password
>
> You can see the code for the decoder function here
> http://www.sqldbatips.com/presentations/REALLY_HACKING_SQL.zip
>
> --
> HTH
>
> Jasper Smith (SQL Server MVP)
> http://www.sqldbatips.com
> I support PASS - the definitive, global
> community for SQL Server professionals -
> http://www.sqlpass.org
>
>
> "Buck Taylor" <BuckTaylor@discussions.microsoft.com> wrote in message
> news:491768E5-428E-4232-A6C9-6517326E3FA7@microsoft.com...
> > When I log in with an sa account to a SQL server on our network how is the
> > login and password transferred? Is it encrypted in some way or transferred
> > in plain text? If someone had a sniffer on my network could they see the
> > password just come across and grab it?
>
>
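A defender-side follow-up to both posts, added here and not part of the thread: T-SQL that lists the sessions still exposed to the kind of trace Jasper describes (SQL authentication with no TLS on the connection) and applies Derrick's advice of administering through an AD account and retiring sa. It assumes SQL Server 2005 or later, a sysadmin session, and uses DOMAIN\DBA-Admins as a placeholder group name.

```sql
-- Added example, not from the thread. Assumes SQL Server 2005+ (ALTER LOGIN,
-- sys.dm_exec_* DMVs) and a sysadmin session.

-- 1. Live connections exposed to the sniffing described above.
--    auth_scheme = 'SQL' means the password was sent in the login packet with
--    only the weak obfuscation; encrypt_option = 'FALSE' means no TLS either.
SELECT s.session_id, s.login_name, s.host_name, s.program_name,
       c.client_net_address, c.auth_scheme, c.encrypt_option
FROM sys.dm_exec_sessions AS s
JOIN sys.dm_exec_connections AS c ON c.session_id = s.session_id
WHERE c.auth_scheme = 'SQL'          -- SQL authentication, not NTLM/Kerberos
  AND c.encrypt_option = 'FALSE';    -- session not protected by TLS

-- 2. Password-based (SQL) logins that hold sysadmin, sa included.
--    These are the accounts whose password a captured trace would expose.
SELECT p.name, p.is_disabled, l.is_policy_checked, l.is_expiration_checked
FROM sys.server_principals AS p
JOIN sys.sql_logins AS l ON l.principal_id = p.principal_id
WHERE IS_SRVROLEMEMBER('sysadmin', p.name) = 1;

-- 3. Apply the thread's advice: administer through a Windows (AD) group,
--    put the remaining SQL logins under password policy, and disable sa.
--    DOMAIN\DBA-Admins is a placeholder for your own AD group.
CREATE LOGIN [DOMAIN\DBA-Admins] FROM WINDOWS;
EXEC sp_addsrvrolemember 'DOMAIN\DBA-Admins', 'sysadmin';
ALTER LOGIN sa WITH CHECK_POLICY = ON, CHECK_EXPIRATION = ON;
ALTER LOGIN sa DISABLE;
```

Re-run query 1 after forcing encryption on the server and moving clients to Windows authentication; it should return no rows.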