Some cool SQL Server user names

Navigation

Certificates

Social

One day when I checked SQL Server messages in Event Viewer I found a long series of unsuccessfull attacks. Somebody desperately tried to guess user names and passwords. The favourite ones were the following user names:

sa
sql
admin
administrator
administrador
root
access
db
database
datenbank
saadmin
web
webadmin
master
chef
server

So try not to use these user names and - if possible - don't make your SQL Server visible outside.

Posted: Feb 16 2008, 10:17 PM by DigiMortal | with 4 comment(s)

Filed under: SQL Server

Comments

Mark said:

I had same problems on a testserver, like 10 attempts per second. Since this server is for development use everywhere we changed the port of the sql to another port so the developers still can login anywhere but no bot attempts anymore.

# February 16, 2008 4:38 PM

Gunnar said:

Yes, it is one solution but not the good one. Port scanners will still find you. Of course, you can set IP restrictions on your firewall. That's a little bit stronger protection.

# February 16, 2008 6:20 PM

Shazam999 said:

Why, for the love of God, do you have SQL Server exposed to the outside world?!?

# February 17, 2008 12:16 AM

Gunnar said:

Shazam, you will never know what kind of amazing solutions live out there :)

# February 18, 2008 5:04 AM

Gunnar Peipman's ASP.NET blog

Recent Posts

Sponsors

Tags

News

Navigation

Certificates

Links

Social

Archives