| GEN:SID | 1:2049 |
| Message | MS-SQL ping attempt |
| Summary | a MS-SQL database.
|
| Impact | Disclosure of an instance of MS-SQL running on a host.
|
| Detailed Information | nessus is being used to query for the existance of a MS-SQL database running on a host. This may be the prelude to an attack against the service.
|
| Affected Systems | All systems running MS-SQL.
|
| Attack Scenarios | This is a probe, the attacker merely needs to use nessus to search the target for services.
|
| Ease of Attack | Simple
|
| Corrective Action | Use a firewall to deny connections to port 1434.
|
| Additional References | Nessus: http://cgi.nessus.org/plugins/dump.php3?id=10674
|
| Rule References | nessus: 10674
|