Re: Please Help: Someone is hacking my server!
From: Mike Epprecht \(SQL MVP\) (mike_at_epprecht.net)
Date: 04/30/05
- Previous message: A.M: "Please Help: Someone is hacking my server!"
- In reply to: A.M: "Please Help: Someone is hacking my server!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 30 Apr 2005 16:56:20 +0200
Hi
You can't do much as you exposed your SQL Server to the outside world.
At best, you can filter the source IP and port at the router, blocking
66.15.173.105
SQL Server 2000 does not allow account lockouts or account policies.
If developers and admins need access to your SQL Server, look at
implementing a VPN, but for sure, don't expose SQL Server directly to the
internet.
Regards
--------------------------------
Mike Epprecht, Microsoft SQL Server MVP
Zurich, Switzerland
IM: mike@epprecht.net
MVP Program: http://www.microsoft.com/mvp
Blog: http://www.msmvps.com/epprecht/
"A.M" <Hate-Spam@nowhere.com> wrote in message
news:e%235pS4YTFHA.612@TK2MSFTNGP12.phx.gbl...
> Hi,
>
>
>
> My SQL server is has a public IP address admins and developers can access
> and manage remotely (this is the requirement)
>
>
>
> When I monitor the SQL server port I can see some one is brutally trying
> to hack my server. There are almost 70 connections from IP address
> 66.15.173.105 that try to connect to my server.
>
>
>
> My guess is he is trying to use brute force technique to find the sa
> password.
>
>
>
> What is the best way to prevent that? Can I adjust some settings, to have
> failed logins wait for 10 seconds?
>
>
>
> Any help would be appreciated,
>
> Alan
>
>
>
>
>
>
- Previous message: A.M: "Please Help: Someone is hacking my server!"
- In reply to: A.M: "Please Help: Someone is hacking my server!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
