News
News
7/25/2005
12:54 PM
Connect Directly
RSS
E-Mail
50%
50%

Symantec: SQL Server Port Under Heavy Scanning

An alert from Symantec describes an unusual amount of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack.

Symantec issued an alert Monday that it had detected unusual amounts of scanning of a port normally associated with Microsoft SQL Server, a possible precursor to an attack.

The Cupertino, Calif.-based company's DeepSight Threat network, a global collection of sensors that tracks developing attacks, reported an increase in the number of scanned sensors and the number of attacking IP addresses scanning TCP port 1433, which is commonly used by Microsoft's server software.

Although there are no known vulnerabilities in SQL Server, Symantec's alert said it was still a likely preface to an attack. "This activity likely represents active scanning by a malicious code network in an attempt to locate machines susceptible to password-based brute force attacks," the DeepSight team wrote in the warning. "Code components designed to accomplish the above task are publicly available, and have been included in a number of active worms, including Spybot and Gaobot."

Symantec's analysts recommended that administrators block access to port 1433 at the perimeter, and within the network, limit access to the port to trusted hosts.

Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek - September 2, 2014
Avoiding audits and vendor fines isn't enough. Take control of licensing to exact deeper software discounts and match purchasing to actual employee needs.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.