Re: SQL Server Scan

[τ∂υƒιφ * <tas0584 () gmail com>]

Try AuditPro Enterprise

http://www.niiconsulting.com/products/auditpro.html

Sample report
http://www.niiconsulting.com/products/auditpro/reports/apsql.html

--
Taufiq
http://www.niiconsulting.com/products/auditpro.html


2009/7/23 pma111 <pmaneedham () hotmail com>
> Does anybody know of any SQL Server Vulnerability Scanner / tools that can be
> used (SQL Serv 2000)(enumate weak passwords, enumerate the various DB names,
> enumerate SIDS -- if thats what they are called outside Oracle, identify
> blank SA passwords, identify the key vulnerabilities etc)...
>
> I have the IP of the SQL Server, and can run the testing interally within
> the Network...
>
> Any pointers welcome... I am trying to demonstrate how easy it is to get on
> a DB on the Server by sitting on the Network, to demonstrate a threat from
> within...
> --
> View this message in context: http://www.nabble.com/SQL-Server-Scan-tp24623425p24623425.html
> Sent from the Penetration Testing mailing list archive at Nabble.com.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------



--
--
cheers
TAS

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------