Hi,
How would one make SQL SERVER Log the IP on failed login attempt ?In SQL2005 this is done by default for failed logins and recorded in the SQL
error log. In SQL2000 you can't do it that effectively (you could get
hostname from a profiler trace but since this can be set in the connection
string it's not reliable)
HTH,
Jasper Smith (SQL Server MVP)
http://www.sqldbatips.com
"Tony B." <Test@.spam.ca> wrote in message
news:uh837Qy4GHA.3964@.TK2MSFTNGP04.phx.gbl...
> Hi,
> How would one make SQL SERVER Log the IP on failed login attempt ?
>
>|||Tony/Jasper,
I didn't find any good solutions to prevent hacking of my servers either
so I wrote a utility program to help.
http://www.creeksolutions.com/Produ...92/Default.aspx
BlockSSHacking runs as a Windows service protecting your SQL Server from
brute force hacking attempts coming from the Internet.
The service checks your system every 5 minutes (configurable setting)
for evidence of ongoing hacking. If such attempts are in progress then
those source addresses are blocked from future access to your server
(quickly leading to you recovering your bandwidth).
BlockSSHacking notifies you via email when it has blocked someone from
hacking your system.
Henrik
Jasper Smith wrote:
> In SQL2005 this is done by default for failed logins and recorded in the S
QL
> error log. In SQL2000 you can't do it that effectively (you could get
> hostname from a profiler trace but since this can be set in the connection
> string it's not reliable)
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment