Re: Internet password attacks
From: Russell Stevens (rustyprogrammer_at_online.nospam)
Date: 08/26/05
- Next message: dobrzak: "login failed for user "null""
- Previous message: Jasper Smith: "Re: PUBLIC db role"
- In reply to: Rob R. Ainscough: "Re: Internet password attacks"
- Next in thread: Hal Berenson: "Re: Internet password attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 25 Aug 2005 19:30:29 -0400
Rob,
<<So you can confirm SQL 2005 does address this issue? Do you have details
on
how?>>
SQL 2005 uses the normal Windows 2003 logon stuff - ie - you can allow 3
unsucessful logins, then have a lockout period of 30 minutes or whatever
(you specify both). I haven't actually verified this - it is in the docs but
it doesn't work under WinXP - after much searching I found that this feature
will only work on Win2003 server and I haven't installed the Beta on a
server yet.
<<I have port 1433 and 1434 open also going thru a Virtual IP, so far no
attacks.>>
Depending on how you are looking you may not notice them. Some drones are
just dialup - you would have a hard time seeing the once per second login
attempt on the bandwidth. Some drones are on high speed connections - will
give you a straight line on your bandwidth (30 or more connection attempts
per second). To see if anyone is trying, run the SQL Profiler and setup a
trace to record unsuccessful logins. They won't show up in your normal
events log. If 1433 is open to the Internet you can almost bet someone is
trying to get in during some parts of the day. Not sure why you would want
udp 1434 open - make them work a little harder <g>.
Russ Stevens
- Next message: dobrzak: "login failed for user "null""
- Previous message: Jasper Smith: "Re: PUBLIC db role"
- In reply to: Rob R. Ainscough: "Re: Internet password attacks"
- Next in thread: Hal Berenson: "Re: Internet password attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
