intrusion detection, etc. for sql server

intrusion detection, etc. for sql server

Post by kevm » Fri, 07 May 2004 07:50:35


The only thing that SQL has is auditing for successfull and failed logins.
To protect your SQL Server and/or restrict access to it, you could put it
behind ISA server and only allow certain computers to connect.

We don't check for NT policies on password attempts.

Thanks,

Kevin McDonnell
Microsoft Corporation

This posting is provided AS IS with no warranties, and confers no rights.
 
 
 

intrusion detection, etc. for sql server

Post by Umlja3kgQX » Fri, 07 May 2004 12:31:05

Hi! The functionality you are looking for (account lockouts) is already available on the OS side which I think is why it is no longer built into SQL Server. Just use Windows authentication if you need this functionality, but of course you already knew that...... HTH. =)

 
 
 

intrusion detection, etc. for sql server

Post by kevm » Sat, 08 May 2004 05:38:58

Failed logins would be logged to the SQL Errorlogs and the NT Application
Event log. But you'll need to restart MSSQLServer to enable the changes.

Thanks,

Kevin McDonnell
Microsoft Corporation

This posting is provided AS IS with no warranties, and confers no rights.