Dictionary Attacks - Hitting a little to close to home

21Sep2007 Filed under: Hacking Author: bkenny

After numerous tactics and fire fighting, dictionary attacks is just becoming an annoyance for an open SQL server. We have moved behind our own VLAN, in a nice little nook behind the new Cisco ASA series products.

Yet there are still bad login requests reaching our SQL servers. Looks like it’s come to the stage of if (login_failed>100 && IP is the same) {ban ip}

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “Dictionary Attacks - Hitting a little to close to home”

Conor
September 21st, 2007 at 11:47 pm

If you can you should try build a private lan for your SQL server so you can’t get at it from the internet.
bkenny
September 22nd, 2007 at 10:40 am

Connor,

Unfortunatly - we provide external applications to dialup/adsl users. Due to dynamic IPs we cannot allow a certain amount of IPs and explicitly deny everything else. We also cannot cut communications to the SQL cluster externally.

Entries (RSS)
Comments (RSS)

About this blog

General ranting and raving about things that intreset me. Music, computer games, IT and god knows what else.

I am currently working in Page 7 Media as a Systems Manager. You can contact me by emailing brian@bkenny.com

M	T	W	T	F	S	S
« Aug				Oct »
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30

Brian Kenny