[TCLUG] firewall logs and Port 1433

Tue May 21 11:27:07 CDT 2002

Thanks for the heads up!

-=- Craig

----- Original Message -----
From: "Robert P. Goldman" <goldman at htc.honeywell.com>
To: "Kelly Black" <kelly.black at penguinpackets.com>;
<tclug-list at mn-linux.org>
Sent: Tuesday, May 21, 2002 8:08 AM
Subject: [TCLUG] firewall logs and Port 1433

> I believe I just saw something about this in the SANS NewsBites.  Here
> you go:
>
> http://www.incidents.org/diary/diary.php?id=152
>
> An excerpt:
>
> Large scale MSSQL scans.
> ================================================================
> ========================
>
> For the last few days, we received a number of reports of widespread
> scans of port 1433. The most common use of port 1433 is Microsoft's
> SQL server.
>
> Just this march, a vulnerability in SQL Server 7.0 and 2000 was shown
> to allow access to the the security context of the server
> (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0154).
Microsoft
> released and advisory and a patch for this problem.
>
(http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/bulletin/MS02-020.asp
> )
>
> It has also been known that many administrators do not change the
> default password for the administrator account. SQL Server by default
> ships with no password set for this account
> ( http://www.bhs.silesianet.pl/html/sql.htm ).
>
>
> _______________________________________________
> Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul,
Minnesota
> http://www.mn-linux.org
> tclug-list at mn-linux.org
> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
>
>