Last Post 13 Feb 2007 06:57 AM by BenVic. 1 Replies.
09 Feb 2007 12:32 PM

I have a slight, well big, problem in that someone has worked out how to edit parts of my data.

We thought we had the problem solved ages ago as we moved everything over to stored procedures, but tonight the hacker has altered all the data in one field of our table.

So far they have worked out 3 of our table names and one field in each of the tables.

We are pretty sure they haven't worked out our username and password as they attacked before and since then we have moved the DB onto a new server with new IP and username/password.

I guess that leaves just SQL injection attack but we can't see from where yet.

As a quick prevention method we tried setting the user to db_denydatawriter but the user account still seems to be able to write/update data. Unfortunately our knowledge of Schemas etc is pretty limited.

Does anyone have any possible pointers?

Many thanks in advance... Ben.
13 Feb 2007 06:57 AM
Thanks RM.

We sorted out our database roles and added code checks to try and prevent future injection attacks. Thankfully we have a decent backup plan for our databases so we got it recovered in a couple of hours.

Lesson learnt, just hope my work take the message on board.
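
An audit a DBA could run for the situation in this thread, where db_denydatawriter did not stop writes and injection was suspected despite the move to stored procedures (an added example, not part of the original posts). It assumes SQL Server 2005 or later, and `webapp_user` is a placeholder for the application's database user.

```sql
-- Placeholder (assumption): replace with the application's database user.
DECLARE @user sysname;
SET @user = N'webapp_user';

-- 1. Every database role the user belongs to. Look for db_owner or other
--    broad roles alongside db_denydatawriter.
SELECT r.name AS role_name
FROM sys.database_role_members AS m
JOIN sys.database_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.database_principals AS u ON u.principal_id = m.member_principal_id
WHERE u.name = @user;

-- 2. Explicit GRANT/DENY entries held directly by the user.
--    EXECUTE on a stored procedure is enough to write to a table when the
--    procedure and table share an owner: ownership chaining skips the
--    caller's table permission check, so db_denydatawriter does not apply.
SELECT p.state_desc,
       p.permission_name,
       p.class_desc,
       CASE WHEN p.class = 1 THEN OBJECT_NAME(p.major_id) END AS object_name
FROM sys.database_permissions AS p
JOIN sys.database_principals AS u ON u.principal_id = p.grantee_principal_id
WHERE u.name = @user
ORDER BY p.class_desc, object_name;

-- 3. Stored procedures that execute dynamic SQL. These are the ones to
--    review first: a procedure that concatenates its parameters into a
--    string and executes it is still injectable.
SELECT OBJECT_NAME(sm.object_id) AS procedure_name
FROM sys.sql_modules AS sm
WHERE OBJECTPROPERTY(sm.object_id, 'IsProcedure') = 1
  AND (sm.definition LIKE '%sp_executesql%'
       OR sm.definition LIKE '%EXEC(%'
       OR sm.definition LIKE '%EXEC (%'
       OR sm.definition LIKE '%EXECUTE(%'
       OR sm.definition LIKE '%EXECUTE (%')
ORDER BY procedure_name;
```

Query 3 is a text match, so it only narrows the review list; each procedure it returns still needs to be read to see whether user input reaches the executed string.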

