Step 6: Directly request version information

Chip Andrews, Contributor

If you're unsure about any remaining hosts and you want 100% accuracy on the SQL Server version information, then you can either log into the SQL Server instance and issue the 'select @@version' command or use Windows Explorer to view the version information of the sqlservr.exe file on the target machine. These are the most time-consuming, but also the most accurate, of all the version identification methods. Note, too, that you must be able to log into the SQL Server instances to get this information. For rogue installations, developer machines, or test labs this can be difficult to do sometimes, so the ssnetlib version may be the only information you can get.

In the

    Requires Free Membership to View

next installment in our series on SQL Server patch deployment, we'll look at what to do next to get those service packs and hotfixes installed on the instances we've identified and assessed.


 Home: Introduction
 Step 1: Map your network
 Step 2: Perform an active scan
 Step 3: Check for SQL registrations
 Step 4: Probe remote services
 Step 5: Probe for SSNetlib.dll versions
 Step 6: Directly request version information
 Go to: How to patch SQL Servers, part 2


Chip Andrews is the director of research and development for Special Ops Security Inc. and the founder of the Web site, which focuses on Microsoft SQL Server security topics and issues. He is also the author of SQL Server Security.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: