Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

RE: Windows Systems Defaced
From: H C <keydet89 () yahoo com>
Date: Fri, 3 May 2002 05:28:29 -0700 (PDT)


The above commands were directed to systems that
were listening on
port 1433/tcp and accessible from the outside.


The commands in question are attempts to execute
stored procedures in MS SQL.


At this time, I am not completely clear on how to
protect from this attack. 


1.  Block port 1433 at the router/firewall.
2.  Use a strong 'sa' password.
3.  Remove or restrict access to the stored procedure.


but does anyone on this list know if
this is a safe and effective solution?


It most definitely is.  We have a particular
architecture, w/ SQL, and we've done what you've
described, and have had no problems whatsoever.


__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]