> The above commands were directed to systems that > were listening on > port 1433/tcp and accessible from the outside. The commands in question are attempts to execute stored procedures in MS SQL. > At this time, I am not completely clear on how to > protect from this attack. 1. Block port 1433 at the router/firewall. 2. Use a strong 'sa' password. 3. Remove or restrict access to the stored procedure. > but does anyone on this list know if > this is a safe and effective solution? It most definitely is. We have a particular architecture, w/ SQL, and we've done what you've described, and have had no problems whatsoever. __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri May 03 2002 - 08:33:50 PDT