Monday, March 28, 2005

Steve Andres of Special Ops Security emailed me to report his company's release of SQLrecon, Chip Andrews' successor to SQLping. SQLrecon is anocá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365r .NET application that I tested on my Windows 2000 laptop. You can use SQLrecon to discover servers offering Windows SQL Server, and learn a little bit more than a port scanner might say.

The tool is very easy to use. By default, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 tool is easy to use. Specify a range of IPs in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 boxes and start cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 scan. Results appear in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 window at right:



SQLrecon provides plenty of customization via options as well.



Thank you to Special Ops Security for releasing this free and helpful tool!

4 comments:

Anonymous said...

SQLRecon is an excellent tool but does have some limitations. There are three that I have encountered, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365se are related primarily to very large networks or substantialy network latency.

Even so, this tool is a giant step forward compared to what existed before it. It is an excellent tool for SQL Server admins.

It discovers MSDE, SQL verison 7, and 2000. I hope it will still work for 2005. Very nice that it reports blank 'sa' passwords!

Some issues: First, it chokes on large subneets.
Second, it is relatively slow.
Third, it may not catch all instances.

I have let it run for days at a time only to find that at some critical juncture it has hung and was unrecoverable so that I couldn't dump cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 report to a file and had to start over with a smaller chunk. Don't know if this is due to cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 application or running on W2K. Could be a local (app space) memory leak. In any case, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 lesson learned is to chop subnets up into digestable chunks. A 192.168.1.0/24 subnet is too small, but 10.0.0.0/8 is too big. 192.168.0.0/16 is also too big. So somewhere between 16 and 24 bits in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 primary address seems to be cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 dividing line.

Slowness I can live with, but it makes it difficult to repeatedly scan an entire network.

The list of SQL Server instances that it discovered and reported was shorter and different than cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 a priori list of known instances. The fact that it found additional instances is good, cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact that it missed some known ones is not so good. This may have something to do with internal routing rules, ACLs or latency (not likely cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 instances were down at cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 time of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 scan).

Unknown said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...
This comment has been removed by a blog administrator.