May 7, 2008 at 1:39 am
Hi All,
Yesterday I found that one of my databases on the production server was hacked; all the tables in the database were infected with HTML tags and JavaScript. The front end for this project is ASP and the backend is SQL SERVER 2000.
The admin privileges are with us and the client, and both of us will not make any mistakes like this, so I want to know how this has been done and how we can protect our database from this happening.
This is the second time this database was infected and, as we have scheduling, I just dropped the existing database and restored the backup; everything is fine now.
Please let me know if you can....
Thanks in advance
Syed Sanaullah Khadri.
DBA
May 7, 2008 at 2:34 am
Could be a SQL injection attack.
What sort of access do your web pages have to your database?
Are you using stored procedures or in-line SQL to make the database calls?
May 7, 2008 at 3:20 am
Yes, we are using some stored procedures, but not insert procedures; we use only SELECT procedures to get the details to display. It's all about the currencies of different countries.
May 7, 2008 at 3:27 am
Injection attacks don't need to happen on INSERT statements; they change the nature of the statement, so they can happen on SELECT.
You say that you are using some stored procedures; does this mean that all your database calls use stored procedures?
Change your admin passwords and the passwords for the logons for your web-sites.
Review the access that your users have; the website should only have execute access to the necessary stored procs and nothing else.
Check your logs to see if there is anything suspect going on.
May 7, 2008 at 3:37 am
If there are no inserts, maybe the database can be set read only?
...and your only reply is slàinte mhath
May 7, 2008 at 3:39 am
And if, as you seem to suggest, the application only runs SELECT statements, deny INSERT, UPDATE and DELETE permissions to the login the application uses.
John
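The permission advice in the replies above (execute access to the necessary stored procedures only, and no INSERT, UPDATE or DELETE for the application login), written out as an added example that is not part of the original thread. It uses SQL Server 2000 syntax; the names `CurrencyDB`, `webapp_login`, `webapp_user`, `web_exec_only`, `dbo.usp_GetCurrencyRates` and `dbo.CurrencyRates` are hypothetical placeholders.

```sql
-- Added example: least-privilege setup for the login used by the web pages.
-- All object, login and role names below are hypothetical placeholders.
USE CurrencyDB
GO

-- 1. Map the web application's login to a database user (skip if it already exists).
EXEC sp_grantdbaccess @loginame = 'webapp_login', @name_in_db = 'webapp_user'
GO

-- 2. Review the user's current role memberships. If db_owner, db_datawriter
--    or db_ddladmin appear in the GroupName column, remove them with
--    sp_droprolemember before going further.
EXEC sp_helpuser 'webapp_user'
GO

-- 3. Put the user in a dedicated role that can only execute the
--    stored procedures the site actually calls.
EXEC sp_addrole 'web_exec_only'
EXEC sp_addrolemember 'web_exec_only', 'webapp_user'
GO
GRANT EXECUTE ON dbo.usp_GetCurrencyRates TO web_exec_only
GO

-- 4. Explicitly deny direct table access. DENY overrides any GRANT the
--    user picks up through another role (such as public).
DENY SELECT, INSERT, UPDATE, DELETE ON dbo.CurrencyRates TO web_exec_only
GO

-- 5. Database-wide backstop against writes by this user.
EXEC sp_addrolemember 'db_denydatawriter', 'webapp_user'
GO

-- 6. Verify: list every permission granted or denied to the user and the role.
EXEC sp_helprotect @username = 'webapp_user'
EXEC sp_helprotect @username = 'web_exec_only'
GO

-- Note: the SELECT inside the procedure still works because the procedure
-- and the table share an owner (ownership chaining). A procedure that builds
-- its statement as a string and runs it with EXEC() breaks the chain, so the
-- statement runs with the caller's own rights and the DENYs above apply to it.
```

This limits what an injected statement running as the web login can change; it does not cover an account that legitimately holds insert rights and whose credentials are stolen.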
May 7, 2008 at 5:03 am
Actually the Admin, i.e. the client, has the insert privileges and his user details have been hacked.
May 7, 2008 at 5:09 am
Then change the password, and follow the advice provided to prevent it from happening again.
May 7, 2008 at 6:20 am
Ok Thanks and we are doing the same thing here.
May 8, 2008 at 7:34 am
We had a similar problem with our web server being hacked. I found this article that may be of interest; it contains some security measures for IIS and web servers.
http://sqlblog.com/blogs/aaron_bertrand/archive/2008/04/26/call-a-spade-a-spade.aspx