Re: sa loginname being hacked
From: Pipo (Pipo_at_home.com)
Date: Sun, 16 Oct 2005 21:00:23 +0200
Thanks for the answer Helmut, but we cant do the VPN solution you suggest.
Yes, it is encrypted, they dont have the password yet!!!
But if we dont do anything about it they will get it.
For now we change the password every 5 minutes but we need more securit y.
So changing the sa loginname will be a good place to start, I cant figure
out why I cant change that loginname!!! (like in Oracle!!)
Or give the sa user no more rights and create my own 'sa'...:-s
But I guess that the security of SQL server isnt that good or I am
"helmut woess" <firstname.lastname@example.org> schreef in bericht
> Am Sun, 16 Oct 2005 18:41:40 +0200 schrieb Pipo:
>> Yes, we did. We know one of their IPs and blocked it...
>> But they are using now another IP (IPnumber 9 and 3 different domains
>> It takes a lot of work every time blocking another IP of theirs....
>> So the easy thing for us is to just simply(??) change the sa loginname
>> something else.
>> But I guess that's not possible??
>> We cant change our Domain name or SQL server name also...!!
>> Why cant I change the sa loginname???
>> thanks for the help Joseph
>> "Joseph Bittman MVP MCSD" <RyanBittman@msn.com> schreef in bericht
>>> October 16, 2005
>>> Don't you have a router in place between the SQL Server and the outside
>>> world? Can't you trace where the packets are coming from and block that
>>> IP/Domain name?
>>> Joseph Bittman
>>> Microsoft Certified Solution Developer
>>> Microsoft Most Valuable Professional -- DPM
>>> Web Site: http://18.104.22.168/
>>> Static IP
>>> "Pipo" <Pipo@home.com> wrote in message
>>>> Is there a way to change the sa as loginname?
>>>> At work we are getting haked by 'brut-force', every second we are
>>>> attacked with sa and a password.
>>>> It's a matter of time when the password will be hacked, so changing the
>>>> password isnt a solution.
>>>> If we also can change the sa loginname we will be better of.
>>>> Or is there something else we can do to prevent the hackers to get our
>>>> Many thanks
> Is your traffic between clients and Server encrypted? If not they can find
> login and passwort in clear text in the traffic.
> I can highly recommend to use a simple VPN-Server and allow connections
> from outside only over VPN!
> bye, helmut