Full Disclosure mailing list archives
Re: [SPAM] Re: Spybot and SQL
From: Jacek Barcikowski <m.esco () wp pl>
Date: Fri, 11 Feb 2005 09:51:07 +0100
Matthew Farrenkopf wrote:
(The MSDE engine was installed on two machines for an application we use, and the engine is used only locally by the application. The thought never crossed my mind that the engine was misconfigured with a blank sa password, but on analysis it looks like that's how the application communicates with the database. There's no option to add a password in the application, so I blocked port 1433 to the outside world. Problem solved until we can talk to the vendor.)
<off_topic>Before the installation you can set up a setup.ini file with DISABLENETWORKPROTOCOLS=1 configuration option in it. MSDE will not listen to any port, therefore cannot be accessed from the net.
</off_topic> Best reagards, m.esco _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Spybot and SQL mjcarter (Feb 10)
- Re: Spybot and SQL Geza Papp dr (Axelero) (Feb 11)
- <Possible follow-ups>
- Re: Spybot and SQL Matthew Farrenkopf (Feb 10)
- Re: [SPAM] Re: Spybot and SQL Jacek Barcikowski (Feb 11)
- Re[2]: Spybot and SQL Geza Papp dr (Axelero) (Feb 11)
- New wired from Panda alets - MyDoom-AK Geza Papp dr (Axelero) (Feb 11)