Microsoft SQL Server Articles

Links, articles, scripts, tips, and other technical sources for managing SQL Server. DBALinks is dedicated to SQL Server and database administration.

ABOUT SQL SERVER

  
 

Articles | Categories | Search | Syndication

SQL Server Security and Passwords Tools and Scripts
SQL Server Security and Passwords Tools and Scripts
143 Views :: 0 Reviews :: 		 

Scripts and Tools

New Order - computer security and networking portal SQL related tools

  • Utilities
  • audit.sql - Quick little script to check all of your user accounts for weak passwords if you have created a dictionary file somewhere on your server.
  • Connecting to MySQL databases with C
  • Crack SA Password(BruteForce)with Public Role - Crack SA Password (Brute Force) with Public Role FindSApublic is a brute-force password cracker that requires only public role. Possibilities returns how many different passwords are possible with 1 up to c characters from a universe of n different characters. Usage: FindSApublic n N is an integer which is the maximum length of the password to attempt cracking.
  • dict.zip - Dictionary file to be used for password strength testing. . Create a table called 'dict' with one field (varchar(128) should do since that's the maximum size of a standard security password in SQL 7) called 'word' and then do a 'BULK INSERT dict from 'c:\myfile.txt'. You may need to use special switches on the BULK INSERT depending on your text file - check BOL if you need help.
  • dSQLSRVD - dOMNAR's SQL Server SysComments Decryptor - has been designed to assist developers and administrators of SQL Server 7 and 2000 with examining stored procedures, triggers, views and user-defined functions, in order to gain better insight into 3rd party applications and their database functionality. Such a task is often necessary when integrating a new system with a company's existing systems, or when optimizing a database server's performance.
  • encryptALL.sql - Stored procedure to encrypt all stored procedures in current database (except itself). Can be used for developers who want to protect source code.
  • loginalert.sql - Script to create an operator and three custom alerts to track when the administrator or 'sa' users login into the SQL Server.
  • mcpscripts.zip - Script files from my June 2000 MCP Magazine article on constructing your own log-based Intrusion Detection System.
  • MSSQLRecovery (shareware) - MSSQLRecovery is a data recovery program for Microsoft SQL Server databases. MSSQLRecovery has a powerful recovery engine designed to retrieve data from most damaged databases. Easy setup procedure and intuitive user interface allows to recover vital information in a few clicks.
  • Security Audit=Find SA Password(Brute Force)+Find Passwords(Dictionary)+Password Analysis+ASCIItable - Find SA Password (Brute Force)+Find Passwords (Dictionary)+Analysis of Password Security+Password Generator+ASCII Table How safe are your passwords? Try this set of tools: FindSA and FinSADic are passwords crackers. PWDAnalysis will give an estimate on how easy it is to crack a password. RandomPWD will generate a random password using all ASCII characters above 32, some will require using ALT to display them. RandomPWDkbd will generate a random password using all ASCII characters above 32 but below 126, all characters accessible directly through the keyboard. Possibilities returns how many different passwords are possible with 1 up to c characters from a universe of n different characters.
  • SQL - Introduction to Structured Query Language - the online book
  • Sql Dict - Brute-force SQL Server password utility. Good for auditing SQL Server passwords in your organization. Don't use this power for evil.
  • Sql security - sql security related news, files
  • sql7-lib.txt - Ruleset for the Snort intrusion detection system to identify attacks against SQL Server.
  • SQLAT - SQLAT is a suite of tools that could be useful for penetration testing a MS SQL Server. The tools are still in development but tend to be quite stable.
  • sqlbf - SQL Server password brute forcing tool by xaphan. Source
  • sqlping - SQLPing can be used to discover detailed information about the connectivity of SQL Server 2000 installations without authentication of any kind. Great tool to track down rogue SQL Server 2000 boxes on your networks or on the Internet. Source.
  • sqlpoke.zip - Used to scan a range of IP addresses for SQL Servers and then execute a predefined script. Could be used to track down SQL Servers in your own organization and ensure they stay locked down.
  • TSQL code - DECRYPT SQL SERVER 2000 STORED PROCEDURES, VIEWS AND TRIGGERS
  • TSQL Encryption TEA (new variant), TEA, RC4, Vigenere, Caesar, XOR, XOR8 - Encryption stored procedures and functions: TEA (new variant), TEA, RC4, Vigenere, Caesar, XOR, XOR8 for SQL Server This is a collection of stored procedures and encryption functions (UDF's) in TSQL.
  • xp crypt - extended stored procedure to encrypt/decrypt/hash data from within SQL Server. (1092 hits)

For more details visit: http://www.softpanorama.org/DB/db_security.shtml
Rating
Reviews
Currently, there are no reviews. Be the first to post one!
Click here to post a review
 
Copyright 2007 by www.dballinks.com   Terms Of Use   Privacy Statement    
Home   SQL Server Blogs   DotNetNuke   SQL Server   SQL Server Articles   Contact Us