I'm doing some testing on a vendor’s web site and ran into the error below. I
told the vendor that displaying this kind of error could give a hacker the
information needed to hack the db or attempt SQL injection attacks etc. (btw
this is a bank). The vendor is telling me that ...

We are getting a lot of entries in the Windows event log indicating 'Login
failed for user 'sa'' and 'root'. It seems like an obvious hack attempt but
is there any way of determining the source (ip address) of these attempts. I
can't understand why SQL doesn't log the ip address ...

Got a KDC Error with the following description:
==========================================
Event Type: Error
Event Source: KDC

Since I installed a firewall on my machine, it regularly
detects unexpected ftp sessions.
Thanks to a process explorer, I remarked that ftp is
launched from a (hidden) cmd.exe, itself lauched by

I have a SQL Server 2000 database that I restore often.
After the database is restored I need to add database security role to Login
Name Chicago\CH-datareader-K.
How would I add the database role 'db_datareader' to Login Name

Hi just wondering if there is a way to have one record in a table be read
only, were an application can not remove it and have all other records act
normally?  I am currently handling this in  .net code but would prefer to
have it built into the table.

We have an env. with a distributed COM+ application on a
Win2003 server and a SQL Server 2000 on a Win 2003 server,
connecting through ODBC.
In this env. we always get "Failed to enlist Distributed

Dear Colleagues:
With Windows NT networks (and I believe 2000 as well), I was unable to set
up a stronger password policy for certain groups.
My desired result is to put a stronger password policy on one group, but a

Hello. I'm running Windows 2003 Server Standard Edition with SP1. After
installing SP1 for OS I installed MS SQL Server 2000 and applied the SP3a.
Then I checked my system with MBSA. MBSA reported that I have to apply the
MS03-31 patch. I installed this patch but after this the ...

If I have a server with windows  only authentication mode,  How can I login
in Sql Server 2000 using SA or GUEST account?  It is possible?

How does SQL Server verify the credentials of a domain user who attempts to
use a database with domain security?    Is some sort of Kerberos key passed
instead of the userid and password, and how does SQL Server's security
verify these tokens are correct?

Is it possible for profiler to show which password is used when a user logs
to a sql server and the users ip ?? If so how.

I want to add an attachement when my job fineshed and raise a alert mail.

I have a Merge Replication configuration in which one Publisher replicates
with 20 subscribers.
Currently, we use Windows Integrated security.
I get the following error when attempting to access tables in a remote

Hello -
I am having a problem installing the MS03-031 hotfix on SQL Server 2000. The
installation package extracts the files and says that the installation was
successful, but when the version # is checked - it is still 8.00.760 and not