The Network Security. Org

Ten hacker tricks to exploit SQL Server systems

Whether it is through manual poking and prodding or the use of security testing tools, malicious attackers employ a variety of tricks to break into SQL Server systems, both inside and outside your firewall. It stands to reason then, if the hackers are doing it, you need to carry the same attacks to test the security strength of your systems. Here are 10 hacker tricks to gain access and violate systems running SQL Server.

1. Direct connections via the Internet

These connections can be used to attach to SQL Servers sitting naked without firewall protection for the entire world to see (and access). DShield's Port Report shows just how many systems are sitting out there waiting to be attacked. I don't understand the logic behind making a critical server like this directly accessible from the Internet, but I still find this flaw in my assessments, and we all remember the effect the SQL Slammer worm had on so many vulnerable SQL Server systems. Nevertheless, these direct attacks can lead to denial of service, buffer overflows and more. Ten hacker tricks to exploit SQL Server systems

More News

• HTTPS Cookie-Hijacking Tool CookieMonster Gobbles Personal Data
  



• Anatomy of a botnet
  



• Microsoft patches 8 critical bugs in Windows, Office
  



• Virtualization users should expect more attacks
  



• Threat From DNS Bug Is not Over, Experts Say
  



• Website infection rate triples
  



• How to Use Honeypots to Improve Your Network Security
  



• Microsoft Patch Tuesday Targets 26 Application Flaws
  



• SSL VPNs might not be as secure as you think
  



• 8 tips to filter spam effectively
  



• Onus on IP address owner to prove innocence
  



• How to install an SSH Server in Windows Server 2008.
  



• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security