Step-by-Step Guide

Step 1: Scan your SQL Server for malware

Use malware scanners

I've come across database servers with limited or no malware protection for fear of performance degradation or system crashes. Obviously, these are two things to be concerned about, but at what price? If you don't have anti-virus software installed, then get it on and running as soon as possible. If the resources required by real-time protection are too much, then exclude your database and other highly-active directories from real-time scans. Otherwise, at a minimum, set up your anti-virus software to scan the local drives every few days during off-peak hours.

If you already have anti-virus software running, make sure it's current (those client-based automatic updates and network-managed signature pushes aren't 100 percent reliable) and perform a full system scan. Don't be afraid to install and use another vendor's software – especially when it comes to spyware protection. I cover various malware vendors (including several free online scanners) in this

    Requires Free Membership to View

Malware removal handbook . You'd be surprised what has made its way onto your server.

Test for a Trojan horse on your SQL Server

 Home: Introduction
 Step 1: Scan your SQL Server for malware
 Step 2: Look in the memory
 Step 3: Look at open ports
 Step 4: Peek into your network traffic
 Step 5: Approach with a malicious mindset


Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC. He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books, including Hacking Wireless Networks For Dummies, and Securing the Mobile Enterprise For Dummies (all by Wiley), as well as  The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach).

This was first published in October 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: