December 5, 2003 at 12:00 am
Comments posted to this topic are about the content posted at http://www.sqlservercentral.com/columnists/jgama/tsqlvirusorbomb.asp
December 29, 2003 at 12:39 am
There is a slight chance that the script which searches for EXEC-s will not function correctly: if the procedure is larger than 4000 characters and the word "EXEC" starts in a @current_text and ends in another one.
Razvan
December 29, 2003 at 2:31 pm
There's no such word as "virii". It's "viruses".
John Scarborough
MCDBA, MCSA
December 29, 2003 at 3:55 pm
Hello.
I'm looking forward to playing with the 'Validate SP's and UDF's with checksum' over the next couple of weeks and I was wondering if there's a way to use this logic against Jobs and DTS packages?
Everett
Everett
Everett Wilson
ewilson10@yahoo.com
December 29, 2003 at 8:37 pm
quote:
There's no such word as "virii". It's "viruses".
In scientific and medical arenas, virii tend to be used. With that said, some computer folks use virii instead of viruses. If you do a Google search you'll see it's quite accepted.
K. Brian Kelley, GSEC
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
K. Brian Kelley
@kbriankelley
December 29, 2003 at 8:47 pm
quote:
I'm looking forward to playing with the 'Validate SP's and UDF's with checksum' over the next couple of weeks and I was wondering if there's a way to use this logic against Jobs and DTS packages?
Yes. Generating a checksum or a hash is a standard way of checking change on most anything, to include files. For instance, you can configure products like BindView to generate a hash on critical files (such as those in C:\WINNT\) and at a later time compare the hash results to see if changes have happened. So pretty much you can do this on anything... generate the checksum or hash and then compare at a later time. For jobs you may a look at the sysjobsteps table. For DTS packages, look at sysdtspackages if stored in SQL Server.
K. Brian Kelley, GSEC
http://www.truthsolutions.com/
Author: Start to Finish Guide to SQL Server Performance Monitoring
K. Brian Kelley
@kbriankelley
December 30, 2003 at 9:36 am
Thanks for the information. This is shapping up to be a nice tool.
Everett
Everett Wilson
ewilson10@yahoo.com
February 12, 2004 at 8:39 pm
Hi Razvan,
Thank you for letting me know about that problem. You are right and there are two solutions in TSQL: one is to store the entire code in a text record in a temp table and search from there. This is slow and with lots of code envolved. The second idea is to search for EXEC in each 8kb block, then search for E at the end of one block and XEC at the beginning of the next one, and son on.
Unfortunatelly, I don't have the time to work on it now but I will do it.
Peace,
Joseph Gama
February 21, 2004 at 6:34 am
Hi Razvan,
I finally got the code and I will post it soon, the problem was solved.
Peace
Joseph Gama
Viewing 9 posts - 1 through 8 (of 8 total)
You must be logged in to reply to this topic. Login to reply