Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / December 2005

Tip: Looking for answers? Try searching our database.

SQL Server 2000 - Service Manager

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
jackwc - 27 Dec 2005 19:30 GMT
On occasion, I will open Service Manager and I will see a Server Name that I
do not recognize. I don't understand how it got there. The latest server name
was USATLBMUTZ1. I am a beginner using SS2000. Is it possible for someone to
hack their way into my local version from the outside? All I have is an eval
version of SS2000 on my laptop. The only data on it are sample databases.
Signature

jackwc

Reply to this Message
Don Grover - 27 Dec 2005 20:28 GMT
> On occasion, I will open Service Manager and I will see a Server Name that
> I
[quoted text clipped - 5 lines]
> eval
> version of SS2000 on my laptop. The only data on it are sample databases.

Assuming you have XP and are either using a router / Modem.

Things that should be done.
1) Install XP SP2
2) Install all OS Updates.
3) Install latest SQL Service pack
4) Have no OS users loggins without passwords , Including Administrator
5) Have no SQL users loggins without passwords  Including SA
6) If using MSSQL Mixed mode See 5
7) Configure XP Firewall.
8) Run free MS Base Line Security Analyser, (Its free) and implement any
relevant changes.

If all of the above are done then you should be resonably secure.
Reply to this Message
Sam Hobbs - 28 Dec 2005 06:52 GMT
>> On occasion, I will open Service Manager and I will see a Server Name
>> that I
[quoted text clipped - 20 lines]
>
> If all of the above are done then you should be resonably secure.

MBSA is an excelent suggestion; it will warn about most of the other items
when relevant.

Something else that MBSA will warn about is if the account used for SQL
Server provides too much privilege. The recomendation is to use an account
we create, right?
Reply to this Message
Andy Davis - 28 Dec 2005 12:31 GMT
Hi,
what is your system's name ! right click on my computer -> properties ->
computer name HERE YOU WILL FIND YOUR COMPUTER NAME
now the second step is to run this query in Query Analyzer

select @@servername
the out put of this query and the name with above process should match .
Or HAVE YOU CHANGE YOUR SYSTEM NAME !?

WOULD YOU BE MORE SPECIFIC !?

Regards
Signature

Andy Davis
Activecrypt Team
--------------------------------------------
SQL  Server Encryption Software
http://www.activecrypt.com


> On occasion, I will open Service Manager and I will see a Server Name that I
> do not recognize. I don't understand how it got there. The latest server name
> was USATLBMUTZ1. I am a beginner using SS2000. Is it possible for someone to
> hack their way into my local version from the outside? All I have is an eval
> version of SS2000 on my laptop. The only data on it are sample databases.
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.