Sergiy (3/26/2013)
opc.three (3/26/2013)
Securing SQL Server by Denny Cherry:- page 153 recommends to "disable xp_cmdshell"
- page 161 recommends "removing the extended stored proc xp_cmdshell" but goes on to say that (paraphrased) "you may need to add them back before doing system upgrades and they can be re-added by a crafty attacker with the right level of permissions and knowledge of the system"
OK, another one fallen into the same misconception.
Not really surprising.
Jeff pointed out that it's a very common one.
Denny left the back door open for him to escape though.
Still not sure that knowing how to use "sp_configure" makes you some kind of crafty one.
He was not referring to sp_configure at all.
http://www.galileowaswrong.com/galileowaswrong
You're a clown, that's funny 😛
There are no special teachers of virtue, because virtue is taught by the whole community.
--Plato