Step-by-Step Guide: Test for a Trojan horse on your SQL Server

Has your SQL Server been acting up lately? No, I'm not referring to the typical database and operating system issues we all must endure. Rather, are you experiencing server sluggishness, erratic behavior, heavy network traffic, or an increase in server processor or memory utilization? Well, don't rule out a Trojan horse on your system. SQL Servers, like most other computers in your environment, are likely used to access the Internet and download and install software. These and other obvious stuff we do on a daily basis can provide a path for Trojan software to be installed. It may seem odd, but it's easy as pie for a server to become infected with malware – especially if it's not protected in the same ways as your end user systems.

When you come across strange things happening on your database server and before you spend countless hours trying to troubleshoot an application or database problem, run the following tests to rule out a Trojan infection.

Test for a Trojan horse on your SQL Server

 Home: Introduction
 Step 1: Scan your SQL Server for malware
 Step 2: Look in the memory
 Step 3: Look at open ports
 Step 4: Peek into your network traffic
 Step 5: Approach with a malicious mindset

---

ABOUT THE AUTHOR:

Kevin Beaver Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books including , Hacking Wireless Networks For Dummies, and Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach). He can be reached at kbeaver ~at~ principlelogic.com. Copyright 2006 TechTarget

More information from SearchSQLServer.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SQL Server Security Password cracking tools for SQL Server Meet compliance requirements with improved database security practices Hardening the network and OS for SQL Server security Securing the server and database in SQL Server SQL Server security made simple and sensible Blog: Protect your databases from the internal threat Setting up SQL Server Service Broker for secure communication The keys to database backup protection for SQL Server Understanding transparent data encryption in SQL Server 2008 The fine line between not encrypting your databases and breach notification Microsoft SQL Server Performance Monitoring and Tuning Using traces in SQL Server Profiler SQL Server Mailbag: CALs, witnesses and unwanted changes SQL Server Mailbag: Data restoration and DB property management Working with IntelliSense in SQL Server 2008 Management Studio SQL Server Mailbag: Stored procedures, triggers and SSRS reports Troubleshooting Distributed Transaction Coordinator errors in SQL Server Clearing the Windows page file and its effect on server performance Optimizing SQL Server indexes –- even when they're not your indexes Performance implications of transaction log autogrowth in SQL Server The short course on how SQL Server really works SQL Server High Availability, Scalability and Reliability SQL Server high availability: Options and caveats High availability and the database Are data warehouses made for the cloud? Top load balancing methods for SQL Server Maintaining high availability of SQL Server virtual machines Creating fault-tolerant SQL Server installations Scaling up vs. scaling out with SQL Server 2008 How to configure storage in SQL Server database with more writes than reads SQL Server database replication tutorial Licensing a standby server for SQL Server replication SQL Server High Availability, Scalability and Reliability Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary data corruption  (SearchSQLServer.com) data hiding  (SearchSQLServer.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary