This is a note is for SQL Server Administrators... Read further to see if your SQL Server is vulnerable...
As you must be aware that by default SQL server opens port 1433 to the internet when services are installed... And ofcourse the celebrated "sa" account with all rights and no password is world famous... :-) The SPIDA worm took advantage of these two things and made TCP/IP hits on various IP addresses on the internet... Ofcourse, it was bound to find one or another IP who had its 1433 port open and SQL Server "sa" account having password blank... That was it, a silly mistake and what all can happen is to our imagination... Though some of the things worth noting are that the worm deletes certain fields and tries similar other IPs... There can be no end to this...
Also it changes the password to 4 characters, which are ofcourse sent to the hacker and adds guest account into the adminstrator group... You can now imagine what else can happen to your system...
No comments:
Post a Comment