Re: Please Help: Someone is hacking my server!

From: Joe Webb (joew_at_webbtechsolutions.com)
Date: 05/04/05


Date: Wed, 04 May 2005 15:23:32 -0500

In addition to all of these suggestions, you can also use the firewall
to block access from all outside IPs except those used by the admins
and developers.

Still the solution is to get a VPN setup and get the SQL Server box
off the internet. Too expensive you say? How much will it cost your
company *when* the hacker gets through? I bet it's more than the cost
of some VPNs.

-- 
Joe Webb
SQL Server MVP
~~~
Get up to speed quickly with SQLNS
http://www.amazon.com/exec/obidos/tg/detail/-/0972688811 
I support PASS, the Professional Association for SQL Server.
(www.sqlpass.org)
On Sat, 30 Apr 2005 11:39:51 -0400, "Michael C#" <xyz@abcdef.com>
wrote:
>Change the port from 1433, block that IP address, make the sa password 
>something ridiculously difficult (or better yet, switch to Windows 
>integrated security only) and implement VPN.
>
>"A.M" <Hate-Spam@nowhere.com> wrote in message 
>news:e%235pS4YTFHA.612@TK2MSFTNGP12.phx.gbl...
>> Hi,
>>
>>
>>
>> My SQL server has a public IP address admins and developers can access 
>> and manage remotely (this is the requirement)
>>
>>
>>
>> When I monitor the SQL server port I can see someone is brutally trying 
>> to hack my server. There are almost 70 connections from IP address 
>> 66.15.173.105 that try to connect to my server.
>>
>>
>>
>> My guess is he is trying to use brute force technique to find the sa 
>> password.
>>
>>
>>
>> What is the best way to prevent that? Can I adjust some settings, to have 
>> failed logins wait for 10 seconds?
>>
>>
>>
>> Any help would be appreciated,
>>
>> Alan
>
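
Added example, not part of the original thread: a small detector that reads SQL Server error log text and reports client IPs whose failed logins reach a threshold within a sliding time window, skipping an allowlist of admin addresses. It assumes the SQL Server 2005+ log layout with failed-login auditing enabled; the sample lines, the `find_bruteforce` name, the thresholds and the 192.0.2.10 admin address are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the SQL Server 2005+ error log layout (assumption:
# failed-login auditing is on, so each failure carries a [CLIENT: ip] tag).
# 66.15.173.105 is the address from the post; 192.0.2.10 stands in for an admin.
SAMPLE_LOG = "\n".join(
    [f"2005-04-30 11:39:{s:02d}.00 Logon       Login failed for user 'sa'. "
     "[CLIENT: 66.15.173.105]" for s in range(0, 16, 2)]
    + ["2005-04-30 11:40:05.00 Logon       Error: 18456, Severity: 14, State: 8.",
       "2005-04-30 11:40:05.00 Logon       Login failed for user 'alan'. "
       "[CLIENT: 192.0.2.10]"]
)

FAILED = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'.*\[CLIENT: (?P<ip>[^\]]+)\]"
)

def find_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), allow=()):
    """Return {ip: peak failed logins seen inside one window} for every
    non-allowlisted client IP that reaches the threshold."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    peak = {}
    for line in log_text.splitlines():
        m = FAILED.match(line.strip())
        if not m or m["ip"] in allow:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        # Drop failures that have aged out of the sliding window.
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            peak[m["ip"]] = max(peak.get(m["ip"], 0), len(q))
    return peak

if __name__ == "__main__":
    for ip, count in find_bruteforce(SAMPLE_LOG).items():
        print(f"{ip}: {count} failed logins within 60s")
```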

