Problem solve Get help with specific problems with your technologies, process and projects.

Step 5: Approach with a malicious mindset

Approach your analysis and troubleshooting with a malicious mindset. And, by all means, never assume your anti-virus software is going to keep things clean. Follow this step-by-step guide to test for a Trojan horse on your SQL Server.

Trojan horses are nasty creatures on your computer – creating remote access tunnels, capturing keystrokes, deleting data and more – especially on your most important servers. Obviously the best route is to never use your SQL Server for Internet access, Web browsing, email, etc. – but that's not practical. You (or someone) will have a need to use it for more than just a database server eventually. Once that happens, you've got to make sure you're protected. Don't put it past anyone, or anything, that a Trojan's not running on your system. And, by all means, never ever assume your anti-virus software is going to keep things clean.

Approach your analysis and troubleshooting with a malicious mindset: if you were going to attack and install a rogue piece of software that could give you a leg up on your network, there's no better place to do it than directly on the SQL Server itself. You might not have a Trojan on your server, but if you're experiencing problems, the culprit can be easy to find.

The bad guys know that a lot of servers don't have malware protection. They also know overworked admins are reluctant to install security software or perform certain protective measures on their database servers in the name of performance and system uptime. Protect your server and know how and where to go looking when problems arise.

 


Test for a Trojan horse on your SQL Server

 Home: Introduction
 Step 1: Scan your SQL Server for malware
 Step 2: Look in the memory
 Step 3: Look at open ports
 Step 4: Peek into your network traffic
 Step 5: Approach with a malicious mindset


ABOUT THE AUTHOR:
Kevin Beaver is an independent information security consultant and expert witness with Atlanta-based Principle Logic, LLC . He has more than 18 years of experience in IT and specializes in performing information security assessments revolving around compliance and IT governance. Kevin has authored/co-authored six books, including Hacking Wireless Networks For Dummies, and Securing the Mobile Enterprise For Dummies (all by Wiley), as well as  The Practical Guide to HIPAA Privacy and Security Compliance (Auerbach).

Dig Deeper on Microsoft SQL Server Performance Monitoring and Tuning

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchBusinessAnalytics

SearchDataCenter

SearchDataManagement

SearchAWS

SearchOracle

SearchContentManagement

SearchWindowsServer

Close