Re: sa loginname being hacked

From: Dan Guzman (guzmanda_at_nospam-online.sbcglobal.net)
Date: 10/17/05


Date: Mon, 17 Oct 2005 07:47:34 -0500

Non-trusted connections using the standard SQL 'sa' login are not allowed
when SQL Server is configured for only Windows authentication. This is the
most secure authentication method.

-- 
Hope this helps.
Dan Guzman
SQL Server MVP
"Pipo" <NoSpam@me.com> wrote in message 
news:%23UVSk3v0FHA.2752@TK2MSFTNGP12.phx.gbl...
> What do you mean by that?
> I still have the sa account which is active....so they still can get in via
> the sa account.
>
> "Dan Guzman" <guzmanda@nospam-online.sbcglobal.net> wrote in message
> news:%23Zigups0FHA.1040@TK2MSFTNGP14.phx.gbl...
>> Have you considered Windows Authentication?
>>
>> -- 
>> Hope this helps.
>>
>> Dan Guzman
>> SQL Server MVP
>>
>> "Pipo" <Pipo@home.com> wrote in message
>> news:u757cPo0FHA.1564@tk2msftngp13.phx.gbl...
>> > Thanks for the answer Helmut, but we can't do the VPN solution you suggest.
>> > Yes, it is encrypted, they don't have the password yet!!!
>> > But if we don't do anything about it they will get it.
>> > For now we change the password every 5 minutes but we need more security.
>> > So changing the sa loginname will be a good place to start, I can't figure
>> > out why I can't change that loginname!!! (like in Oracle!!)
>> > Or give the sa user no more rights and create my own 'sa'...:-s
>> >
>> > But I guess that the security of SQL server isn't that good or I am
>> > wrong?????
>> >
>> >
>> >
>> >
>> >
>> > "helmut woess" <hw@iis.at> wrote in message
>> > news:1jmjhgla30xw6.g3j5avfsyn1b.dlg@40tude.net...
>> >> On Sun, 16 Oct 2005 18:41:40 +0200, Pipo wrote:
>> >>
>> >>> Yes, we did. We know one of their IPs and blocked it...
>> >>> But they are using now another IP (IPnumber 9 and 3 different domains
>> >>> also!!...:-<)
>> >>> It takes a lot of work every time blocking another IP of theirs....
>> >>> So the easy thing for us is to just simply(??) change the sa loginname
>> >>> into something else.
>> >>> But I guess that's not possible??
>> >>> We can't change our Domain name or SQL server name also...!!
>> >>> Why can't I change the sa loginname???
>> >>>
>> >>> thanks for the help Joseph
>> >>>
>> >>> "Joseph Bittman MVP MCSD" <RyanBittman@msn.com> wrote in message
>> >>> news:ukgdT5m0FHA.2884@TK2MSFTNGP09.phx.gbl...
>> >>>> October 16, 2005
>> >>>>
>> >>>>  Don't you have a router in place between the SQL Server and the outside
>> >>>> world? Can't you trace where the packets are coming from and block that
>> >>>> IP/Domain name?
>> >>>>
>> >>>> -- 
>> >>>>                      Joseph Bittman
>> >>>>     Microsoft Certified Solution Developer
>> >>>> Microsoft Most Valuable Professional -- DPM
>> >>>>
>> >>>> Web Site: http://71.39.42.23/
>> >>>> Static IP
>> >>>> "Pipo" <Pipo@home.com> wrote in message
>> >>>> news:OAK3n%23l0FHA.560@TK2MSFTNGP12.phx.gbl...
>> >>>>> Hi,
>> >>>>>
>> >>>>> Is there a way to change the sa as loginname?
>> >>>>> At work we are getting hacked by 'brute-force', every second we are being
>> >>>>> attacked with sa and a password.
>> >>>>> It's a matter of time when the password will be hacked, so changing the
>> >>>>> password isn't a solution.
>> >>>>> If we also can change the sa loginname we will be better off.
>> >>>>> Or is there something else we can do to prevent the hackers to get our
>> >>>>> sa password?
>> >>>>>
>> >>>>> Many thanks
>> >>>>>
>> >>>>
>> >>>>
>> >> Is your traffic between clients and Server encrypted? If not they can find
>> >> login and password in clear text in the traffic.
>> >> I can highly recommend to use a simple VPN-Server and allow connections
>> >> from outside only over VPN!
>> >>
>> >> bye, helmut
>> >
>> >
>>
>>
>
> 
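An added example, not part of the original thread: a small detector for the situation described above, which counts failed 'sa' logins per client address so that rotating source IPs are found from the server's own log instead of by hand. The log line shape (a `Login failed for user '...'` message followed by `[CLIENT: ip]`), the threshold and the window are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed error-log line shape; adjust the pattern to what your server writes.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\.\d+\s+Logon\s+"
    r"Login failed for user '(?P<user>[^']*)'\..*\[CLIENT: (?P<ip>[^\]]+)\]"
)

def _line(sec, user, ip):
    """Build one constructed log line (test data only)."""
    return (f"2005-10-16 18:41:{sec:02d}.10 Logon       "
            f"Login failed for user '{user}'. [CLIENT: {ip}]")

# Constructed sample: two noisy sources and one client with a single typo.
SAMPLE_LOG = "\n".join(
    [_line(s, "sa", "203.0.113.7") for s in range(40, 48)]
    + [_line(s, "sa", "198.51.100.23") for s in range(41, 47)]
    + [_line(50, "sa", "192.0.2.10"), _line(51, "report_user", "192.0.2.10")]
)

def failed_logins(text, user="sa"):
    """Yield (timestamp, client_ip) for each failed login of `user`."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group("user").lower() == user:
            ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S")
            yield ts, m.group("ip")

def brute_force_sources(text, threshold=5, window=timedelta(seconds=10)):
    """Return {ip: total failures} for clients with >= threshold failures
    inside any `window`. Assumes each client's lines are in time order."""
    recent = defaultdict(deque)   # per-client timestamps inside the window
    totals = defaultdict(int)     # per-client failures over the whole log
    flagged = set()
    for ts, ip in failed_logins(text):
        totals[ip] += 1
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop attempts older than the window
            q.popleft()
        if len(q) >= threshold:
            flagged.add(ip)
    return {ip: totals[ip] for ip in sorted(flagged)}

if __name__ == "__main__":
    for ip, count in brute_force_sources(SAMPLE_LOG).items():
        print(f"{ip}: {count} failed 'sa' logins")
```

With Windows-only authentication, as recommended in the reply above, these attempts still appear as failures in the log but can no longer succeed against 'sa'.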

