• I've participated in intrusion/penetration tests, too.

    We thought we were in good shape until the person we got in to perform the test found a piece of software on our system which had silently installed SQL2000 as a back end with a login and pwd widely spread across the internet. Even worse, this login had privileges to run xp_cmdshell and could not be altered.

    Within a few seconds he had his own login on the system with admin privileges. He asked us if he should escalate to domain admin privileges...

    That stuff was way beyond just being scary. Consequence: A few days later the software in question got upgraded to a SQL2005 backend with locked down privileges.

    The positive parts about it: any approach to break into our system from the outside failed (and I expect that guy tried more than just the "simple ways"...). And we've learned how to look for such holes and close them.



    Lutz
    A pessimist is an optimist with experience.
