Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / Other Technologies / Full-Text Search / September 2007

Tip: Looking for answers? Try searching our database.

Turning off signature verification on word breakers

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
InstantKiwi - 07 Sep 2007 06:23 GMT
Howdy folks,

Some of you may have experience the issue described in the following
MS kb article, "You may experience a 45-second delay when you run a
full-text query in an instance of SQL Server 2005 that is running on a
server without Internet access" (http://support.microsoft.com/kb/
915850).

Does anybody know what the risks are of implementing the suggested
work around which is to turn off signature verification on word breaks
(e.g. - sp_fulltext_service 'verify_signature', 0).  The article
says...

"Warning If you ignore signature verification, the instance of SQL
Server 2005 is less secure. We recommend that you sign any word breaks
that you install or make sure that any word breakers that you acquire
are signed."

What types of vulnerabilities I am exposing my SQL Server to if I turn
off signature verification.

Thanks in advance.
Kahu
Reply to this Message
Hilary Cotter - 07 Sep 2007 11:53 GMT
Hi Kiwi - I used to live in New Plymouth.

At some point in time in the future there might be an exploit which uses one
of the third party ifilters. Should a malicious hacker replace an unsigned
ifilter with one of their own they might be able to gain access to your
system (although they already have enough access to replace the dll so they
pretty well own your machine anyway).

To protect against this you can check to ensure that all your ifilters are
signed.

Signature

RelevantNoise.com - dedicated to mining blogs for business intelligence.

Looking for a SQL Server replication book?
http://www.nwsu.com/0974973602.html

Looking for a FAQ on Indexing Services/SQL FTS
http://www.indexserverfaq.com

> Howdy folks,
>
[quoted text clipped - 19 lines]
> Thanks in advance.
> Kahu
Reply to this Message
InstantKiwi - 11 Sep 2007 00:09 GMT
Ahhh, the mighty Taranaki.

It's in the laps of the gods (ops team) now.  My temporary work around
until a decision is made was to create a SQL Agent job that executes a
simple SELECT COUNT(0) FROM Blah WHERE FREETEXT(Description, 'blah')
every 4 minutes.

Thanks again,
Kahu
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.