  1. #1
    Join Date
    Feb 2004
    Location
    Alpine California
    Posts
    1,789

    Unanswered: Brute force attack on sa account

    Hi guys I have a problem

    The event logs show a brute force attack attempt to login to the SQL server as user 'Sa'. It looks like someone has been randomly attempting login as Sa for the last couple of days at least. Each time they try to guess the password, they attempt login as Sa up to 20 times per second.

    I did a Google search for "server attack by user sa" and found this happens to many SQL servers that are accessed via the internet. As long as the password is very complex we are probably ok. Disabling the account is also a possibility, though this is beyond my expertise a bit. I need to disable the SA account but I am wondering if that is the best course of action. I need to either disable the Sa account or create another account with the same permissions. Please advise

  2. #2
    Join Date
    Jan 2007
    Location
    UK
    Posts
    11,434
    Provided Answers: 10
    Your sa account should be disabled

    ALTER LOGIN (Transact-SQL)
    George
    Home | Blog

  3. #3
    Join Date
    Feb 2004
    Location
    Alpine California
    Posts
    1,789
    Here is the site I followed
    Less Than Dot - Blog - To SA or not to SA

    this is what I did, I named it something else though

    ALTER LOGIN sa DISABLE;
    ALTER LOGIN sa WITH NAME = IAMGOD;
    ALTER LOGIN IAMGOD ENABLE;

  4. #4
    Join Date
    Jan 2007
    Location
    UK
    Posts
    11,434
    Provided Answers: 10
    I was taught that the first thing to do after installing SQL Server is to create yourself a sysadmin account then change the password of the sa account to a strong pw before immediately forgetting what that password was.
    George
    Home | Blog

  5. #5
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    Quote Originally Posted by gvee
    I was taught that the first thing to do after installing SQL Server is to create yourself a sysadmin account then change the password of the sa account to a strong pw before immediately forgetting what that password was.


    ummmmm...that would be.....to create a strong password...save the pwd word someplace safe, then Never USE sa
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.
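
The steps discussed in this thread (a separate sysadmin login, then sa disabled and never used), combined into one T-SQL batch. This is an added example, not code from any of the posters or from the linked blog; the login name `dba_admin_example` and the password placeholder are assumptions to replace, and `ALTER SERVER ROLE ... ADD MEMBER` assumes SQL Server 2012 or later.

```sql
-- Added example: names and password below are placeholders (assumptions).

-- 1. Locate the built-in sa login by its fixed SID (0x01), so the batch
--    still finds it if it was renamed as in post #3.
DECLARE @sa sysname, @sql nvarchar(400);
SELECT @sa = name FROM sys.sql_logins WHERE sid = 0x01;

-- 2. Create a separate named administrator with password policy enforced.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'dba_admin_example')
BEGIN
    CREATE LOGIN [dba_admin_example]
        WITH PASSWORD = N'<REPLACE-WITH-LONG-RANDOM-PASSWORD>',
             CHECK_POLICY = ON, CHECK_EXPIRATION = ON;
    ALTER SERVER ROLE sysadmin ADD MEMBER [dba_admin_example];
END;

-- 3. Guard against lock-out: stop unless some other enabled sysadmin exists.
IF NOT EXISTS (
    SELECT 1
    FROM sys.server_role_members AS rm
    JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
    JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
    WHERE r.name = N'sysadmin'
      AND m.sid <> 0x01
      AND m.is_disabled = 0
      AND m.type IN ('S', 'U', 'G'))   -- SQL login, Windows login, Windows group
BEGIN
    RAISERROR(N'No other enabled sysadmin login; leaving %s untouched.', 16, 1, @sa);
    RETURN;
END;

-- 4. Disable the built-in account under whatever name it currently has.
SET @sql = N'ALTER LOGIN ' + QUOTENAME(@sa) + N' DISABLE;';
EXEC sys.sp_executesql @sql;

-- 5. Verify: is_disabled should now be 1 for the SID 0x01 login.
SELECT name, is_disabled, is_policy_checked, modify_date
FROM sys.sql_logins
WHERE sid = 0x01;
```

Log in with the new administrator from a second session before closing the one that ran the batch, so a mistyped password is caught while access still exists.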
