Re: sa loginname being hacked

From: Joseph Bittman MVP MCSD (RyanBittman_at_msn.com)
Date: 10/18/05 

Date: Tue, 18 Oct 2005 09:36:27 -0700

October 18, 2005

   lol I didn't set this thread to 'watch' so I lost it....

   How are they being allowed to hit the SQL server with requests? SQL
Servers should not be directly accessable from the outside world, and should
have a web server or some other server in place to receive the requests
first. I would block all traffic going to XXXXXX IP (your SQL Server's IP)
from the outside network, and then implement another router or somewhere
which allows only traffic from XXX IP (your web servers).

 I don't believe you can change the sa account name, as toooooo many
programs rely on it as the 'default' name. Hope this helps! 

-- 
                      Joseph Bittman
     Microsoft Certified Solution Developer
Microsoft Most Valuable Professional -- DPM
Web Site: http://71.39.42.23/
Static IP
"Pipo" <Pipo@home.com> wrote in message 
news:u7nI%23Bn0FHA.1132@TK2MSFTNGP10.phx.gbl...
> Yes, we did. We know one of their IPs and blocked it...
> But they are using now another IP (IPnumber 9 and 3 different domains 
> also!!...:-<)
> It takes a lot of work every time blocking another IP of theirs....
> So the easy thing for us is to just simply(??) change the sa loginname 
> into something else.
> But I guess that's not possible??
> We cant change our Domain name or SQL server name also...!!
> Why cant I change the sa loginname???
>
> thanks for the help Joseph
>
> "Joseph Bittman MVP MCSD" <RyanBittman@msn.com> schreef in bericht 
> news:ukgdT5m0FHA.2884@TK2MSFTNGP09.phx.gbl...
>> October 16, 2005
>>
>>  Don't you have a router in place between the SQL Server and the outside 
>> world? Can't you trace where the packets are coming from and block that 
>> IP/Domain name?
>>
>> -- 
>>                      Joseph Bittman
>>     Microsoft Certified Solution Developer
>> Microsoft Most Valuable Professional -- DPM
>>
>> Web Site: http://71.39.42.23/
>> Static IP
>> "Pipo" <Pipo@home.com> wrote in message 
>> news:OAK3n%23l0FHA.560@TK2MSFTNGP12.phx.gbl...
>>> Hi,
>>>
>>> Is there a way to change the sa as loginname?
>>> At work we are getting haked by 'brut-force', every second we are beinbg 
>>> attacked with sa and a password.
>>> It's a matter of time when the password will be hacked, so changing the 
>>> password isnt a solution.
>>> If we also can change the sa loginname we will be better of.
>>> Or is there something else we can do to prevent the hackers to get our 
>>> sa password?
>>>
>>> Many thanks
>>>
>>
>>
>
>

Relevant Pages

  • RE: SBS 2003 Unable to connect to database STS_Config
    ... Uninstall the SQL server from the SBS 2k3 server from add/remove programs ... Uninstall Microsoft SQL Server Desktop Engine (SHAREPOINT) ... If AV software install any extra IIS virtual directory, ...
    (microsoft.public.windows.server.sbs)
  • Re: Memory issues with 64-bit SQL Server 2005 on 64-bit Win 2003 C
    ... I also checked the individual patch levels for the .NET drivers, SQL Server ... The SQL Server is fully patched, however Windows Update reported that the OS ... Lock pages in memory -- I guess you might have taken care of it as well. ...
    (microsoft.public.sqlserver.clustering)
  • RE: migrating from wmsde to sql server
    ... Click Start, point to All Programs\Microsoft SQL Server, and then click ... then click New SQL Server Registration. ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • RE: SBS 2003 Unable to connect to database STS_Config
    ... Uninstall the SQL server from the SBS 2k3 server from add/remove programs ... Uninstall Microsoft SQL Server Desktop Engine (SHAREPOINT) ... If AV software install any extra IIS virtual directory, ...
    (microsoft.public.windows.server.sbs)
  • Re: Best replication architecture?
    ... Looking for a SQL Server replication book? ... So if it is subscribing to Publisher 1, ...
    (microsoft.public.sqlserver.replication)