Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool
From: Bill Sanderson (Bill_Sanderson@msn.com.plugh.org)
Date: 01/30/03
- Next message: Karl Levinson [x y] mvp: "Re: Messeger service"
- Previous message: Simon: "Disabling The Control Panal"
- In reply to: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Next in thread: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Reply: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> Date: Thu, 30 Jan 2003 17:12:33 -0500
Bear in mind that eEye's tool, while very useful, won't detect an already
infected host. No network scanning tool looking at the SQL ports will, I
believe.
"neo techopolis" <ne0@collusion.org> wrote in message
news:4db46b8d.0301301358.1bcf0b9c@posting.google.com...
> It only scans the HOST? Are you kidding? You've had DAYS to work on
> this and you produce this utility. There are tons of REAL tools out
> there to help diagnose vulnerability posture. Try eEye's Sapphire
> worm scanner. (http://www.eeye.com/html/Research/Tools/SapphireSQL.html)
> The freeware version scans 256 IP's at a time. HFNetCheck has a
> similar scanner but it only checks registry keys (eg you must have
> administrative priv's). eEye's is the only one I know of that figured
> out how to do this w/out admin priv's and it's a bit more accurate
>
> "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
> news:<OgkKKfHyCHA.2916@TK2MSFTNGP09>...
> > Please read below for information about this tool. For discussions on
> > this
> > tool, please go to:
> >
> > microsoft.public.sqlserver.securitytools
> >
> > --
> > Regards,
> >
> > Jerry Bryant - MCSE, MCDBA
> > Microsoft IT Communities
> >
> > Get Secure! www.microsoft.com/security
> >
> >
> > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > "Euan Garden[MS]" <euang@online.microsoft.com> wrote in message
> > news:uKNPW2CyCHA.2196@TK2MSFTNGP10...
> > > SQL Server 2000 SQL Scan Tool (SQL Scan)
> > > This utility scans an individual computer, a Windows domain, or a
> > > range of
> > > IP addresses for instances of SQL Server 2000 and MSDE 2000, and
> > identifies
> > > instances that may be vulnerable to the Slammer worm. SQL Scan runs on
> > > computers running Windows 2000 or higher and can identify instances
> > running
> > > on Windows NT 4.0, Windows 2000, or Windows XP.
> > >
> > > http://www.microsoft.com/sql/downloads/securitytools.asp
> > >
> > > Please direct any questions you have on this tool to
> > > microsoft.public.sqlserver.securitytools or to Microsoft Product
> > > Support
> > > Services.
> > >
> > > --
> > > -Euan
> > >
> > > Please reply only to the newsgroup so that others can benefit. When
> > posting,
> > > please state the version of SQL Server being used and the error
> > number/exact
> > > error message text received, if any.
> > >
> > > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > >
> > >
> > >
- Next message: Karl Levinson [x y] mvp: "Re: Messeger service"
- Previous message: Simon: "Disabling The Control Panal"
- In reply to: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Next in thread: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Reply: neo techopolis: "Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
