Mike, There is a check in Internet Scanner called "SQL server running (SQL Server)". It is Vuln ID: 1289.
Description: An SQL server has been detected running. This information is gathered from querying the server information, and can be restricted to authenticated users by setting the RestrictAnonymous registry key. You can find it in the policy editor by searching on this string: nt-sql-server Hope that helps, -- L2 [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tonglet, Mike Sent: Monday, January 27, 2003 10:02 AM To: '[EMAIL PROTECTED]' Subject: [ISSForum] SQL Vulnerability Is there a way to use Internet Scanner to do a quick scan for any machine running SQL and identify what patch it's currently using? We are still trying to identify if we have machine vulnerable to the slammer worm. Thanks Mike Tonglet NETPDTC/DYNTEL N621 [EMAIL PROTECTED] DSN: 922-1001 x1355 COMM: 850-452-1001 x1355 FAX: (DSN) 922-1510 COMM 850-452-1510 _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
