scanning for ms sql systems
Stephen W. Thompson
thompson at pobox.upenn.edu
Tue Jan 28 16:00:01 GMT 2003
Russell Fulton, Computer and Network Security Officer, wrote:
> I first scanned out network (using nmap) for udp 1434 and found it very
> unreliable, both false +ves and -ves. I then fell back to tcp 1433.
> Does anyone know if this is sufficient to detect a potentially
> vulnerable system -- ie one running either MS SQL of MSDE.
I find comments about UDP scanning by Fyodor in his(?) nmap
distribution helpful. See, for instance, these:
Steve, security analyst
Stephen W. Thompson, UPenn, ISC Information Security, 215-898-1236, WWW has PGP
thompson at isc.upenn.edu URL=http://pobox.upenn.edu/~thompson/index.html
The only safe choice: Write e-mail as if it's public. Cuz it could be.
More information about the unisog