Use malware scanners
I've come across database servers with limited or no malware protection for fear of performance degradation or system crashes. Obviously, these are two things to be concerned about, but at what price? If you don't have anti-virus software installed, then get it on and running as soon as possible. If the resources required by real-time protection are too much, then exclude your database and other highly-active directories from real-time scans. Otherwise, at a minimum, set up your anti-virus software to scan the local drives every few days during off-peak hours.
If you already have anti-virus software running, make sure it's current (those client-based automatic updates and network-managed signature pushes aren't 100 percent reliable) and perform a full system scan. Don't be afraid to install and use another vendor's software – especially when it comes to spyware protection. I cover various malware vendors (including several free online scanners) in this
Test for a Trojan horse on your SQL Server
Step 1: Scan your SQL Server for malware
Step 2: Look in the memory
Step 3: Look at open ports
Step 4: Peek into your network traffic
Step 5: Approach with a malicious mindset
ABOUT THE AUTHOR:
Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books, including Hacking Wireless Networks For Dummies, and Securing the Mobile Enterprise For Dummies (all by Wiley), as well as The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach).
This was first published in October 2006