September 10, 2010
Login
|
Home
FAQs
SQL Server FAQ
SQL Injection FAQ
SQL Security Checklist
SQL Server-Related Products
SQL Server/MSDE-Based Applications
SQL Server Version Database
Tools
Lockdown Script
Free Tools
Free Analysis
Group Policy Templates
Commercial Tools
Community
Discussions
Links
About
Search
SQL Security Forums
Note: SQLSecurity.com does not allow nor require registration due to privacy concerns for users. SQLSecurity.com is open and anonymous for all. Please report any abuse or profanity.
Unanswered
Active Topics
Forums
Search
UserName:
Subject:
Looking for Rogue SQL Servers on network.....
Body:
[quote]Posted By n/a on 01/06/2003 11:28 AM Jim - I commend you for taking on the task of tracking down these SQL Servers! That said - I'm bit confused as you why you are not having success tracking down rogue SQL Servers with SQLPing (as I have had great success with it). Keep in mind that SQLPing can find an instance of SQL Server 2000 even if it is not listening on TCP 1433. That is because SQLPing does not scan TCP ports (although SQLPing2 does have that additional capability). SQLPing queries the SQL Resolution Service listening on ALL SQL Server 2000 installations on UDP 1434 (unless all netlibs have been removed or it is filtered). Also, if you know the broadcast address of your subnet (192.168.1.255 for example), you can SQLPing that address and ANY server on that subnet running SQLServer 2000 should reply. Please feel free to write me if you have any questions or need additional help. If you want a commercial tool then both SQLSquirrel (NGSSOFTWARE.COM) and AppDetective (APPSECINC.COM) have tools that incorporate the same functionality as SQLPing with additional scanning and reporting capabilities. [/quote]
Show Replies:
ActiveForums 3.6
Copyright 1999 by Chip Andrews
|
Privacy Statement
|
Terms Of Use