TSQL Virus or Bomb?

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » Article Discussions » Article Discussions by Author » Discuss Content Posted by Joseph Gama » TSQL Virus or Bomb?

TSQL Virus or Bomb?

Rate Topic

Display Mode

Topic Options

Author

Message

jgama

Posted Friday, December 05, 2003 12:00 AM

SSC Rookie

Group: General Forum Members
Last Login: Thursday, November 30, 2006 8:57 PM
Points: 31, Visits: 1

Comments posted to this topic are about the content posted at http://www.sqlservercentral.com/columnists/jgama/tsqlvirusorbomb.asp

Post #18921

Razvan Socol

Posted Monday, December 29, 2003 12:39 AM

Say Hey Kid

Group: General Forum Members
Last Login: Thursday, December 13, 2012 1:38 AM
Points: 693, Visits: 123

There is a slight chance that the script which searches for EXEC-s will not function correctly: if the procedure is larger than 4000 characters and the word "EXEC" starts in a @current_text and ends in another one.

Razvan

Post #90138

John Scarborough

Posted Monday, December 29, 2003 2:31 PM

SSC Veteran

Group: General Forum Members
Last Login: Monday, July 30, 2012 1:23 PM
Points: 290, Visits: 44

There's no such word as "virii". It's "viruses".

John Scarborough
MCDBA, MCSA

Post #90139

ewilson10

Posted Monday, December 29, 2003 3:55 PM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Monday, March 23, 2009 9:44 AM
Points: 179, Visits: 22

Hello.

I'm looking forward to playing with the 'Validate SP's and UDF's with checksum' over the next couple of weeks and I was wondering if there's a way to use this logic against Jobs and DTS packages?

Everett

Everett

Everett Wilson
ewilson10@yahoo.com

Post #90140

K. Brian Kelley

Posted Monday, December 29, 2003 8:37 PM

Keeper of the Duck

Group: Moderators
Last Login: Wednesday, May 08, 2013 5:14 AM
Points: 6,583, Visits: 1,787

quote:
There's no such word as "virii". It's "viruses".

In scientific and medical arenas, virii tend to be used. With that said, some computer folks use virii instead of viruses. If you do a Google search you'll see it's quite accepted.

K. Brian Kelley, GSEC
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/

K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog |

LinkedIn | Twitter

Post #90141

K. Brian Kelley

Posted Monday, December 29, 2003 8:47 PM

Keeper of the Duck

Group: Moderators
Last Login: Wednesday, May 08, 2013 5:14 AM
Points: 6,583, Visits: 1,787

quote:
I'm looking forward to playing with the 'Validate SP's and UDF's with checksum' over the next couple of weeks and I was wondering if there's a way to use this logic against Jobs and DTS packages?

Yes. Generating a checksum or a hash is a standard way of checking change on most anything, to include files. For instance, you can configure products like BindView to generate a hash on critical files (such as those in C:\WINNT\) and at a later time compare the hash results to see if changes have happened. So pretty much you can do this on anything... generate the checksum or hash and then compare at a later time. For jobs you may a look at the sysjobsteps table. For DTS packages, look at sysdtspackages if stored in SQL Server.

K. Brian Kelley, GSEC
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
http://www.netimpress.com/

K. Brian Kelley, CISA, MCSE, Security+, MVP - SQL Server
Regular Columnist (Security), SQLServerCentral.com
Author of Introduction to SQL Server: Basic Skills for Any SQL Server User
| Professional Development blog | Technical Blog |

LinkedIn | Twitter

Post #90142

ewilson10

Posted Tuesday, December 30, 2003 9:36 AM

SSC-Enthusiastic

Group: General Forum Members
Last Login: Monday, March 23, 2009 9:44 AM
Points: 179, Visits: 22

Thanks for the information. This is shapping up to be a nice tool.

Everett

Everett Wilson
ewilson10@yahoo.com

Post #90143

jgama

Posted Thursday, February 12, 2004 8:39 PM

SSC Rookie

Group: General Forum Members
Last Login: Thursday, November 30, 2006 8:57 PM
Points: 31, Visits: 1

Hi Razvan,

Thank you for letting me know about that problem. You are right and there are two solutions in TSQL: one is to store the entire code in a text record in a temp table and search from there. This is slow and with lots of code envolved. The second idea is to search for EXEC in each 8kb block, then search for E at the end of one block and XEC at the beginning of the next one, and son on.
Unfortunatelly, I don't have the time to work on it now but I will do it.

Peace,
Joseph Gama

Post #100184

jgama

Posted Saturday, February 21, 2004 6:34 AM

SSC Rookie

Group: General Forum Members
Last Login: Thursday, November 30, 2006 8:57 PM
Points: 31, Visits: 1

Hi Razvan,

I finally got the code and I will post it soon, the problem was solved.

Peace

Joseph Gama

Post #101601

« Prev Topic | Next Topic »

Permissions