[ale] TCP port 1433 attacks (MS SQL)

Geoffrey esoteric at 3times25.net
Wed May 22 14:00:48 EDT 2002


I've seen three attempts since about 11:00 pm last night, and my site 
certainly isn't well published.  Man I love ipchains... :)

Transam wrote:
> In the past 24 hours there has been a tremendous increase in attacks to
> TCP port 1433 (Microsoft's SQL server).  In at least some of these, the
> attacker is checking for an allowed login with the default account name
> of "sa" and an empty password.  Unless your Firewall is blocking this you
> are at risk.
> 
> There is more information at
> 
> http://Security.ITtoolbox.com/browse.asp?c=SecurityNews&r=/news/dispnews.asp?i=72558
> 
> Best regards,
> 
> Bob Toxen
> book at cavu.com
> http://www.realworldlinuxsecurity.com/ [My 5* book: Real World Linux Security]
> http://www.verysecurelinux.com      [Linux/Unix & Network Security Consulting]
> 
> Fly-By-Day Consulting, Inc.      "Don't go with a fly-by-night outfit!"
> Quality Linux & UNIX security and software consulting since 1990.
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.
> 
> 
> 


-- 
Until later: Geoffrey		esoteric at 3times25.net

I didn't have to buy my radio from a specific company to listen
to FM, why doesn't that apply to the Internet (anymore...)?


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list