Security Basics mailing list archives
SQL tracing
From: "Dave" <isp-lists () beachcomp com>
Date: Sat, 5 Apr 2003 17:40:04 -0500
Hi all, Running SQL 7 on a 2000 system. It seems someone is anxious to login. I'm seeing numerous back to back failed logins for sa, admin and user into the SQL master database. Is there a way to trace any of this? Being that it's 7.0, running profiler cant get remote machine name or info. I know this would be very simply using a firewall log, but that assumes ones colo center knows what they're doing, and I'm finding out quickly that despite an impressive sales pitch, they don't. So, is there any software solution? Is there any logs I'm overlooking? How can I trace who it is? Do you know of any software that will simply keep detailed logs regarding access on a certain port? Thanks in advance for your help. Dave PS.. I understand you may have the urge to blast the email with why I'm running an open SQL server.... However, at this time, I have no choice but to do it until some contracts expire. Thanks for the concern though. :-) ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.securityfocus.com/SurfControl-security-basics
Current thread:
- SQL tracing Dave (Apr 07)