Thank you. I based my article on NGSS work. They are the best security consultants that I can think of. Their work on SQL injection was also a pioneer and we are always learning from them.
quote:
More on the weakness of the passwords:http://www.nextgenss.com/papers/cracking-sql-passwords.pdf
Of course, since this technique requires access to sysxlogins, you can only implement as a sysadmin. Of course, if someone can take advantage of a SQL server vulnerability to escalate his or her access (called privilege escalation)... you get the idea.
The software that came out of the research:
http://www.nextgenss.com/software/ngssqlcrack.html
The review by Steve:
http://www.sqlservercentral.com/columnists/sjones/reviewmssqlcrack.asp
The biggest weakness, of course, is if the network traffic can be sniffed and either multiprotocol (with encryption) or SSL are not in use.
K. Brian Kelley
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/shop/product.asp?ProductID=NI-SQL1