Re: sa loginname being hacked

From: Dan Guzman (
Date: 10/17/05

Date: Sun, 16 Oct 2005 22:25:30 -0500

Have you considered Windows Authentication?

Hope this helps.
Dan Guzman
SQL Server MVP
"Pipo" <> wrote in message 
> Thanks for the answer Helmut, but we cant do the VPN solution you suggest.
> Yes, it is encrypted, they dont have the password yet!!!
> But if we dont do anything about it they will get it.
> For now we change the password every 5 minutes but we need more securit y.
> So changing the sa loginname will be a good place to start, I cant figure 
> out why I cant change that loginname!!! (like in Oracle!!)
> Or give the sa user no more rights and create my own 'sa'...:-s
> But I guess that the security of SQL server isnt that good or I am 
> wrong?????
> "helmut woess" <> schreef in bericht 
>> Am Sun, 16 Oct 2005 18:41:40 +0200 schrieb Pipo:
>>> Yes, we did. We know one of their IPs and blocked it...
>>> But they are using now another IP (IPnumber 9 and 3 different domains
>>> also!!...:-<)
>>> It takes a lot of work every time blocking another IP of theirs....
>>> So the easy thing for us is to just simply(??) change the sa loginname 
>>> into
>>> something else.
>>> But I guess that's not possible??
>>> We cant change our Domain name or SQL server name also...!!
>>> Why cant I change the sa loginname???
>>> thanks for the help Joseph
>>> "Joseph Bittman MVP MCSD" <> schreef in bericht
>>> news:ukgdT5m0FHA.2884@TK2MSFTNGP09.phx.gbl...
>>>> October 16, 2005
>>>>  Don't you have a router in place between the SQL Server and the 
>>>> outside
>>>> world? Can't you trace where the packets are coming from and block that
>>>> IP/Domain name?
>>>> -- 
>>>>                      Joseph Bittman
>>>>     Microsoft Certified Solution Developer
>>>> Microsoft Most Valuable Professional -- DPM
>>>> Web Site:
>>>> Static IP
>>>> "Pipo" <> wrote in message
>>>> news:OAK3n%23l0FHA.560@TK2MSFTNGP12.phx.gbl...
>>>>> Hi,
>>>>> Is there a way to change the sa as loginname?
>>>>> At work we are getting haked by 'brut-force', every second we are 
>>>>> beinbg
>>>>> attacked with sa and a password.
>>>>> It's a matter of time when the password will be hacked, so changing 
>>>>> the
>>>>> password isnt a solution.
>>>>> If we also can change the sa loginname we will be better of.
>>>>> Or is there something else we can do to prevent the hackers to get our 
>>>>> sa
>>>>> password?
>>>>> Many thanks
>> Is your traffic between clients and Server encrypted? If not they can 
>> find
>> login and passwort in clear text in the traffic.
>> I can highly recommend to use a simple VPN-Server and allow connections
>> from outside only over VPN!
>> bye, helmut