RE: [ISSForum] updating MSDE

[issforum-admin]

Title: Mensaje

Look at the README file of SQL SP3, there you'll find how to get the instance name. You'll have to specify several parameters during the installation, including the correct .msi file used during MSDE firs installation. The article referenced on the README will give the clues you need. -----Mensaje original----- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Enviado el: Viernes, 18 de Julio de 2003 01:02 a.m. Para: [EMAIL PROTECTED] Asunto: [ISSForum] updating MSDE I am trying to install MSDE SP3 on the System scanners MSDE. but i get the following error:   "the instance name specified is invalid"   Any clue? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2003 3:51 PM To: [EMAIL PROTECTED] Subject: RE: [ISSForum] Internet Scanner 7 - IP Spoofing Does this happen with Internet Scanner 6.2.1?   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 3:35 PM To: [EMAIL PROTECTED] Subject: [ISSForum] Internet Scanner 7 - IP Spoofing Sharing a lesson learned.   Internet Scanner version 7 has a check for Stealth Port Scanning. The documentation states that the check spoofs an IP address, however what you don't know is something I found out the hard way. When the Stealth scan occurs it uses a Raw Packet Server that is designed to spoof the IP addresses. What happens is that the IP address of the system used to perform the scans is reversed. For example, the scanner's IP address is 205.30.112.25, it becomes 25.112.30.205 when it is spoofed, and this is the address used to perform a stealth port scan. The target system being probed responds to the spoofed IP address. Since this address is not part of our domain the response is routed to the Internet! Not a good idea! So now you are spewing responses from all the internal IP addresses out the internet to a spoofed address. It is conceivable that someone watching your domain could pick up on this behavior and learn what the IP address of your scanner is, plus collect IP address of all your internal systems. This may not be good idea if you have mission critical or classified systems that you were scanning for vulnerabilities. I think this is a breach of internal information that should not be happening, and that the user community needs to know about. Fortunately we monitor our outgoing traffic at the firewall and picked this up quickly. I confirmed this behavior with ISS and they responded that the check is performing as designed! However they would look into updating the documentation. You can confirm this by performing a scan and watching the firewall, then search the session log for Stealth and you will see what happens. Rick Berg  Pacific Northwest National Laboratories