Dear Sir/Madam,
Hello,
Since 2 years ago we send some information to our remote
SQL Server on a dedicated server every 5 minutes without
any problem, but yesterday a hacker , delete many of our
information on a remote SQL Server, I really don't know
how he/she did it, but after that I changed the SQL Server
port from 1433 to a private port , change all Logins in
security section of SQL Server Enterprise Manager ,
Windows passwords and setup a firewall to protect our
server, but unfortunately tonight , hacker again attack
our site and again change all of our data in SQL Server.
Because of firewall setting, I'm sure that he/she cannot
login to our server from private port and I think that
he/she try to login from http port, and because of our web
server we cannot change our http port to a private port.
I really don't know that how can I secure more our SQL
server and rid from hacker.
By the way both SQL Server and Windows are full update.
Please help me as soon as possible
Yours Sincerely,
John
"John" <ah_yousefi@.yahoo.com> wrote in message
news:1e16601c454e2$0f479cb0$a501280a@.phx.gbl...
> Since 2 years ago we send some information to our remote
> SQL Server on a dedicated server every 5 minutes without
> any problem, but yesterday a hacker ,<snip>
I see you received a reply in the *.security newsgroup. Please do not
multi-post.
Steve
|||All the patching, IDS and firewalls in the world won't stop a lame SQL
Injection point.
Learn about it and make sure that you don't get jacked again.
Tim
"John" <ah_yousefi@.yahoo.com> wrote in message
news:1e16601c454e2$0f479cb0$a501280a@.phx.gbl...
> Dear Sir/Madam,
> Hello,
> Since 2 years ago we send some information to our remote
> SQL Server on a dedicated server every 5 minutes without
> any problem, but yesterday a hacker , delete many of our
> information on a remote SQL Server, I really don't know
> how he/she did it, but after that I changed the SQL Server
> port from 1433 to a private port , change all Logins in
> security section of SQL Server Enterprise Manager ,
> Windows passwords and setup a firewall to protect our
> server, but unfortunately tonight , hacker again attack
> our site and again change all of our data in SQL Server.
> Because of firewall setting, I'm sure that he/she cannot
> login to our server from private port and I think that
> he/she try to login from http port, and because of our web
> server we cannot change our http port to a private port.
> I really don't know that how can I secure more our SQL
> server and rid from hacker.
> By the way both SQL Server and Windows are full update.
> Please help me as soon as possible
> Yours Sincerely,
> John
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment