 OT: MS-SQL DOS attack, anyone else noticed a spike lately? |
|
|
|
Porsche, and the Porsche crest are registered trademarks of Dr. Ing. h.c. F. Porsche AG.
This site is not affiliated with Porsche in any way. Its only purpose is to provide an online forum for car enthusiasts. All other trademarks are property of their respective owners. |
|
|
| SirAndy |
  Feb 3 2004, 01:39 PM
Post
#1
|
|
Resident German  Group: Admin Posts: 42,257 Joined: 21-January 03 From: Oakland, Kalifornia Member No.: 179 Region Association: Northern California  |
fellow geeks,
has anyone else noticed a significant increase in random packages on port 1433? we had a flat out DOS attack on the SQL server port trough all of last week, i finally had to change the standard port for SQL to get it running again. the packages still hit the router/firewall, but now they're just dropped. and they seem to come from everywhere, not just a single source. it slowed down our server(s) to a crawl ... Andy |
   |
 
|
  |
Replies
| airsix |
Feb 3 2004, 04:57 PM
Post
#2
|
|
I have bees in my epiglotis Group: Members Posts: 2,196 Joined: 7-February 03 From: Kennewick Man (E. WA State) Member No.: 266 |
Andy,
I've not seen any high traffic on 1433. Even if there had been I NEVER run sql on a public interface. For example, I've got mySQL running on a webserver, but port 1433 is blocked on the ethernet interface. The webserver should query the sql daemon via the localhost (127.0.0.1), not over the public interface (unless they are not both are running on the same box of course). -Ben |
|
|
|
Posts in this topic
SirAndy OT: MS-SQL DOS attack Feb 3 2004, 01:39 PM
Qarl Nope... Firewall is not logging anything unusual..... Feb 3 2004, 01:47 PM
SirAndy |
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 11th July 2025 - 06:34 AM |
Invision Power Board
v9.1.4 © 2025 IPS, Inc.