News
News
7/25/2005
12:54 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Symantec: SQL Server Port Under Heavy Scanning

An alert from Symantec describes an unusual amount of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack.

Symantec issued an alert Monday that it had detected unusual amounts of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack.

The Cupertino, Calif.-based company's DeepSight Threat network, a global collection of sensors that tracks developing attacks, reported an increase in the number of scanned sensors and the number of attacking IP addresses scanning TCP port 1433, which is commonly used by Microsoft's server software.

Although there are no known vulnerabilities in SQL Server, Symantec's alert said it was still a likely preface to an attack. "This activity likely represents active scanning by a malicious code network in an attempt to locate machines susceptible to password-based brute force attacks," the DeepSight team wrote in the warning. "Code components designed to accomplish the above task are publicly available, and have been included in a number of active worms, including Spybot and Gaobot."

Symantec's analysts recommended that administrators block access to port 1433 at the perimeter, and within the network, limit access to the port to trusted hosts.

Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Government, May 2014
Protecting Critical Infrastructure: A New Approach NIST's cyber-security framework gives critical-infrastructure operators a new tool to assess readiness. But will operators put this voluntary framework to work?
Video
Slideshows
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.