[isalist] File Sharing on the internet
- From: "Glenn P. JOHNSTON" <glenn.johnston@xxxxxxxxxxx>
- To: <isalist@xxxxxxxxxxxxx>
- Date: Thu, 13 Jul 2006 15:46:00 +1000
http://www.ISAserver.org
-------------------------------------------------------
Hi,
A company I do support work for on 'Dial a techie' basis, has had a contractor
write some software that needs to access a database on the companies server. He
rolled this out onto the 28 sales pc's last week.
He has just opened port 1433TCP and 1434UDP on the firewall to allow SQL based
authentications from client PC's out on the internet to access the server. It
appears that someone has already hacked into the DB, some tables are empty,
others corrupted, SQL logs show a lot of connections, far more so than can be
explained by legitimate connections.
This of course is a very bad idea, but the company wants some details and white
papers or the like that details why. This has all blown up in the last hour and
a half, and I need some thing to get back to them with tomorrow.
If anyone has any suggestions of white papers etc that might be appropriate,
they would be much appreciated.
------------------------------------------------------
List Archives: //www.freelists.org/archives/isalist/
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/
ISA Server Blogs: http://blogs.isaserver.org/
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
To unsubscribe visit http://www.isaserver.org/pages/isalist.asp
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
