Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
GEN:SID | 1:2049 |
Message | MS-SQL ping attempt |
Summary | a MS-SQL database. |
Impact | Disclosure of an instance of MS-SQL running on a host. |
Detailed Information | nessus is being used to query for the existance of a MS-SQL database running on a host. This may be the prelude to an attack against the service. |
Affected Systems | All systems running MS-SQL. |
Attack Scenarios | This is a probe, the attacker merely needs to use nessus to search the target for services. |
Ease of Attack | Simple |
Corrective Action | Use a firewall to deny connections to port 1434. |
Additional References | Nessus: http://cgi.nessus.org/plugins/dump.php3?id=10674 |
Rule References | nessus: 10674 |
--
DID:588727
--
http://www.aanval.com/