Step 1: Scan your SQL Server for malware

I've come across database servers with limited or no malware protection for fear of performance degradation or system crashes. Obviously, these are two things to be concerned about, but at what price? If you don't have anti-virus software installed, then get it on and running as soon as possible. If the resources required by real-time protection are too much, then exclude your database and other highly-active directories from real-time scans. Otherwise, at a minimum, set up your anti-virus software to scan the local drives every few days during off-peak hours.

If you already have anti-virus software running, make sure it's current (those client-based automatic updates and network-managed signature pushes aren't 100 percent reliable) and perform a full system scan. Don't be afraid to install and use another vendor's software – especially when it comes to spyware protection. I cover various malware vendors (including several free online scanners) in this Malware removal handbook . You'd be surprised what has made its way onto your server.

Test for a Trojan horse on your SQL Server

 Home: Introduction
 Step 1: Scan your SQL Server for malware
 Step 2: Look in the memory
 Step 3: Look at open ports
 Step 4: Peek into your network traffic
 Step 5: Approach with a malicious mindset

---

ABOUT THE AUTHOR:

Kevin Beaver Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books including , Hacking Wireless Networks For Dummies, and Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver ~at~ principlelogic.com. Copyright 2006 TechTarget

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SQL Server security Secure SQL Server from SQL injection attacks How insiders hack SQL databases with free tools and a little luck Sarbanes-Oxley compliance checklist: IT security and SQL audits SQL Server source code analysis and management adds database security Ten common SQL Server security vulnerabilities you may be overlooking SQL Server 2008 security and compliance features reduce security risks Get your SQL Server security goals in order How secure is your SQL Server network design? Creating a SQL Server user authentication schema Could a join of encrypted SQL Server data have a problem? SQL Server performance and tuning How to configure Database Mail in SQL Server 2005 to send mail SQL Server stored procedures tutorial: Write, tune and get examples Virtual database storage for SQL Server: Friend or foe? Tutorial: SQL Server 2005 Analysis Services Tutorial: Migrating to SANs from local SQL Server disk storage SQL Server memory configurations for procedure cache and buffer cache Using the OUTPUT clause for practical SQL Server applications Check SQL Server database and log file size with this stored procedure SQL Server PerfMon counters for access methods and buffer manager Find size of SQL Server tables and other objects with stored procedure

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary data corruption  (SearchSQLServer.com) data hiding  (SearchSQLServer.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary