473,320 Members | 1,900 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

password for sa was changed spontaneously

Hello!

We are running MS SQLServer 7.0 with ASP on Win 2k Server.
Today suddenly the Web server couldn't connect to the DB Server
because the password for sa was wrong.
We found out that the password was changed.

Is it some kind of hacking thing or just normal password expiration?
The same thing happended several month ago.

Thanks.

Sam
Jul 20 '05 #1
1 1315
Sam Kong (ss*@chol.net) writes:
We are running MS SQLServer 7.0 with ASP on Win 2k Server.
Today suddenly the Web server couldn't connect to the DB Server
because the password for sa was wrong.
We found out that the password was changed.

Is it some kind of hacking thing or just normal password expiration?
The same thing happended several month ago.


There is no password expiration in SQL7. So that means that somebody
changed the password for you.

I would recommend that you change to Windows Authentication and turn
off SQL Authentication. I would also recommand that the web server
does not log with an account that has sysadm privileges. Preferrably
it should no special rights, but access to the SQL objects it needs
to access. (And that should ideally only be stored procedures!).

Finally, if the SQL Server is exposed on the Internet, you should
stick it behind a firewall.

All these precautions increase your security and decreases the risk
for malign attacks.
--
Erland Sommarskog, SQL Server MVP, es****@sommarskog.se

Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techinf...2000/books.asp
Jul 20 '05 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
by: PamelaDV | last post by:
HELP! I have a rather large - production level database (2 tier - front end and back end) and it was starting to run slow so we decided to do a repair and compact on the back end (data). On the...
2
by: Drew Pawlik | last post by:
I am needing to write an application that will be used every month to automatically run queries on an Oracle database. But the password I need to log in to the database needs to be changed every...
5
by: scorpion53061 | last post by:
is it possible to set the database password that you can set in access for a database from a vb.net application?
0
by: serkan | last post by:
Guys, I am trying to get this password reset functionality wor for me but I am not successful at all. Please somebody help me. I get "Your password could not be reset - please try again later" so I...
4
by: Skeets | last post by:
i have an application that should allow acces to linux administrators only. iow, i want to code a php script that will be able to compare the entered password with the linux adminstrator's...
5
by: Joe-Paul | last post by:
Hi: I'm using VB 6.0 with an Access 2000 database. I set the password in the Access database to: abcdef1234. Then, using a MDIform, during the load event, I send the program to a procedure to...
4
by: muchexie | last post by:
I have developed a login system but its failing to allow the user to change password. Here is my code. <? require_once("system_fns.php"); session_start(); do_html_header("Changing...
1
by: =?Utf-8?B?TWlrZQ==?= | last post by:
At irregular intervals, my Clipboard spontaneously fills with Screen Captures and I can no longer Cut, Copy or Paste either by right-clicking, using cntrl characters or by clicking pulldown...
4
by: John Kotuby | last post by:
Hi all, I have a simple user-form which accepts contact and profile information for the user to edit and save. All the textboxes are working fine and displaying the expected data, both when the...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
1
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.