[Intrusions] joehack, SQL and the 1433 Scans....
Scott Sanders
Scott.Sanders at Toyota-fs.com
Wed Nov 10 07:55:36 GMT 2004
Hi there...
I'm hoping somebody can help shed light on this issue as we have an
identical situation here and I'm not having much luck gathering info on
this.
We have been investigating processor spikes on a SQL server and we have
also found a stored procedure running with this 'joehack' string. The
details are below:
DECLARE @OUTPAR1 int
execute sp_<removed string> @OUTPAR1 output
select @OUTPAR1 'joehack'
This seems to be running under a valid SQL account.
Any advice is appreciated.
Regards,
Scott Sanders
IT Operations
Europe & Africa Region
Toyota Financial Services (UK)
D +44 (0)1737 365512
F +44 (0)1737 365520
M +44 (0)7810 884614
E scott.sanders at toyota-fs.com
This correspondence is for the intended recipient only. It may contain
confidential or legally privileged information or both. No
confidentiality or privilege is waived or lost by any mistransmission
or unauthorised alteration during transmission.
If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance on
it, is prohibited and may be unlawful. If you receive this
correspondence in error, please immediately delete it from your system
and notify the sender.
Any views expressed in this message are those of the individual sender,
except where the sender expressly, and with authority, states them to
be the views of Toyota.
This message has been checked for viruses but the recipient is strongly
advised to rescan the message before opening any attachments or
attached executable files.
More information about the Intrusions
mailing list