Increase in Port 1433 (MSSQL) Traffic
This is just a quickie...
Apparently SANS ISC has been seeing an increase in activity on port 1433. They are asking for anyone with packet captures to please provide them, and I'm making the request that anyone who passes them on also forward them to me, as I'd love to give them a glance.
Also, has anyone noticed any odd behavior out of their MSSQL Server lately? I'll be interested to see if this is an older threat recirculating or a new threat about to cause trouble.

Eh, funny you mention odd SQL behavior. While certainly not of the kind you’re looking for, one of our SQL servers has been acting odd lately. But that’s what we get for trying to put one on a VMware server rather than physical gear. Doh!
I was pretty interested in that port 5901 scanning that made some news in the past 48 hours since it may have contributed to a near-worldwide traffic increase. Made me think back to RealVNC’s issue last year…like maybe something in a popular Linux distro was allowing bypass or root (wouldn’t be surprising considering how many of us use Ubuntu now and how quickly it has converted people…).
Happy 4th!