News Stay informed about the latest enterprise technology news and product updates.

Step 5: Probe for SSNetlib.dll versions

Learn how to get the version information you need to plan your patch deployment in this SQL Server patch management guide.

Now that we've identified SQL Server instances, it's time to get the version information we need to plan our patch...

deployment. One quick method to get version information is to use the sqlver.exe tool (from www.sqlsecurity.com) to get the ssnetlib.dll version running on each server instance in our list. SQL Ver.exe initiates a connection to the SQL Server instance on a given port in order to get the server to send it the version of ssnetlib it is using. The advantage to using this patch determination method is that there's no need to log into the SQL Server instance at all to get this information, so it works on installations where you may not have rights to connect.

It should be noted that the ssnetlib.dll version does not always match the exact SQL Server version, so this scan usually gives only an 80% to 90% accuracy rate. That said, service packs almost always update ssnetlib.dll, so at the very least you can be sure you'll obtain the SQL Server product level and the service pack level from this probe.


HOW TO PATCH SQL SERVER, PART 1

 Home: Introduction
 Step 1: Map your network
 Step 2: Perform an active scan
 Step 3: Check for SQL registrations
 Step 4: Probe remote services
 Step 5: Probe for SSNetlib.dll versions
 Step 6: Directly request version information
 Go to: How to patch SQL Servers, part 2

 

ABOUT THE AUTHOR:
Chip Andrews is the director of research and development for Special Ops Security Inc. and the founder of the SQLSecurity.com Web site, which focuses on Microsoft SQL Server security topics and issues. He is also the author of SQL Server Security.

Dig Deeper on SQL Server Database Modeling and Design

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchDataCenter

SearchDataManagement

SearchAWS

SearchOracle

SearchContentManagement

SearchWindowsServer

Close