Re: ANNOUNCEMENT: New SQL Server security tool - SQL Server 2000 Scan Tool

From: Jerry Bryant [MSFT] (jbryant@online.microsoft.com)
Date: 01/31/03 

From: "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com>
Date: Thu, 30 Jan 2003 16:21:52 -0800

Check the docs there. There are more than one scanning tools:

SQL Scan will scan a computer, a domain or a range of IP addresses.

SQL Check scans the local machine

The third tool available, SQL Critical Update, scans the computer on which
it is running for instances of SQL Server 2000 and MSDE 2000 that are
vulnerable to the Slammer worm, updating the affected files. SQL Critical
Update runs on computers running Windows NT 4.0 or higher. 

--
Regards,
Jerry Bryant - MCSE, MCDBA
Microsoft IT Communities
Get Secure! www.microsoft.com/security
This posting is provided "AS IS" with no warranties, and confers no rights.
"neo techopolis" <ne0@collusion.org> wrote in message
news:4db46b8d.0301301358.1bcf0b9c@posting.google.com...
> It only scans the HOST?  Are you kidding?  You've had DAYS to work on
> this and you produce this utility.  There are tons of REAL tools out
> there to help diagnose vulnerability posture.  Try eEye's Sapphire
> worm scanner.  (http://www.eeye.com/html/Research/Tools/SapphireSQL.html)
> The freeware version scans 256 IP's at a time.  HFNetCheck has a
> similar scanner but it only checks registry keys (eg you must have
> administrative priv's).  eEye's is the only one I know of that figured
> out how to do this w/out admin priv's and it's a bit more accurate
>
> "Jerry Bryant [MSFT]" <jbryant@online.microsoft.com> wrote in message
news:<OgkKKfHyCHA.2916@TK2MSFTNGP09>...
> > Please read below for information about this tool. For discussions on
this
> > tool, please go to:
> >
> > microsoft.public.sqlserver.securitytools
> >
> > --
> > Regards,
> >
> > Jerry Bryant - MCSE, MCDBA
> > Microsoft IT Communities
> >
> > Get Secure! www.microsoft.com/security
> >
> >
> > This posting is provided "AS IS" with no warranties, and confers no
rights.
> > "Euan Garden[MS]" <euang@online.microsoft.com> wrote in message
> > news:uKNPW2CyCHA.2196@TK2MSFTNGP10...
> > > SQL Server 2000 SQL Scan Tool (SQL Scan)
> > > This utility scans an individual computer, a Windows domain, or a
range of
> > > IP addresses for instances of SQL Server 2000 and MSDE 2000, and
> >  identifies
> > > instances that may be vulnerable to the Slammer worm. SQL Scan runs on
> > > computers running Windows 2000 or higher and can identify instances
> >  running
> > > on Windows NT 4.0, Windows 2000, or Windows XP.
> > >
> > > http://www.microsoft.com/sql/downloads/securitytools.asp
> > >
> > > Please direct any questions you have on this tool to
> > > microsoft.public.sqlserver.securitytools or to Microsoft Product
Support
> > > Services.
> > >
> > > --
> > > -Euan
> > >
> > > Please reply only to the newsgroup so that others can benefit. When
> >  posting,
> > > please state the version of SQL Server being used and the error
> >  number/exact
> > > error message text received, if any.
> > >
> > > This posting is provided "AS IS" with no warranties, and confers no
> >  rights.
> > >
> > >
> > >

Relevant Pages