Re: Connect to SQL Server
- From: lyle fairfield <lyle.fairfield@xxxxxxxxx>
- Date: Sat, 16 Aug 2008 16:08:31 -0700 (PDT)
Thousands do. Almost two years ago I created a blank internet enabled
(port 1433) MS-SQL db and invited anyone who claimed this was insecure
to login and create a table named after himself or herself. So far
there none of these tables has been created.
Why would we think these are insecure? We need a login, username and
password. How is this different than hacking into a site, say
bway.com?
Almost all server sites will shut down anyone who tries a brute force
attack. So unless one can guess the address of the server and that my
login is q30f-!!\o` i9&æú and my password is A£œpi97Q`~pç one will not
be able to connect.
Very sophisticated intrusion prevention devices such as that described
at http://www.tippingpoint.com/products_ips.html protect these sites
from random poking around.
On Aug 16, 5:40 pm, "David W. Fenton" <XXXuse...@xxxxxxxxxxxxxxxxxxx>
wrote:
Tom van Stiphout <no.spam.tom7...@xxxxxxx> wrote innews:lkfca4hiadlreveqf9cjelupioe2juu7qa@xxxxxxx:
you may be able to talk the company into opening up the SQL
Server port 1433 on their firewall (of course after properly
securing such access) so you can use it.
No competent sysadmin is going to do that.
--
David W. Fenton http://www.dfenton.com/
usenet at dfenton dot com http://www.dfenton.com/DFA/
.
- References:
- Connect to SQL Server
- From: PeterW
- Re: Connect to SQL Server
- From: Tom van Stiphout
- Re: Connect to SQL Server
- From: David W. Fenton
- Connect to SQL Server
- Prev by Date: Re: Connect to SQL Server
- Next by Date: Re: Add Record
- Previous by thread: Re: Connect to SQL Server
- Next by thread: Re: Connect to SQL Server
- Index(es):
Relevant Pages
|
