Recently found out that unknown html codes were inserted into my SQL Server database without my knowledge, it's something like this in every cell
[my original database data]</title><style>.a2vf{position:absolute;clip:rect(475px,auto,auto,475px);}</style><div class=a2vf>These rules are bound <a href=http://paydayloansforsure.com >fast payday loans</a> unscrupulous len...
I initially thought my database password was compromised. So I changed my password to a more difficult one, but after a couple of days, it appeared again. Anyone knows how it got into the database like that and how to prevent it?
UPDATE:
After some investigation, I suspect this might be caused by a software which I downloaded to schedule backup SQL databases. I've reformatted my local machine and start all over again, it did not happened anymore.
After some investigation, I suspect this might be caused by a software which I downloaded to my local machine to schedule SQL databases backup. I've reformatted my local machine it did not happen anymore.
Related
While trying to generate the diagram for a database (in SQL Server 2017), I am getting an error
Array out of Index
When I restart the application, it works fine for some time, and after few minutes, when I try to add a new table to the Diagram, it shows that same error again.
Is there any solution to avoid this problem?
This sounds like it's a bug with SSMS (v17.4 in my case).
Others have reported similar issues here: https://stackoverflow.com/a/44914581/4768230.
Alternatively, others have suggested making sure you have schema declared for all your tables can possibly help - https://stackoverflow.com/a/44660066/4768230 (I haven't tried this though).
Below is an alternative answer that applies to a very specific situation.
The above answer will most likely solve your problem. However if you run SSMS as a different user than you are logged into Windows as you may get this error.
The workarounds are to either
Use your normal Windows to connect to the SQL Server (which may not be allowed depending on your situation)
User Remote Desktop to connect to a machine with your SQL Account.
Tested with:
Windows 7 64bit
SSMS 17.7
This situation might be related to the computer not being enabled to use Kerberos Double-Hop active directory but this statement is complete conjecture.
I installed sql server 2005 Express in a virtual clean Windows xp machine.
On the database engine I created two instances, each one of these I have configured mixed authentication and the first user 'sa' password is 'password1' and the second 'password2'.
Then in the first instance, I have created a new database with a common table and a few details. Followed by this stopped the first instance I try to attach the database in the second instance. As it was to be expected, this caused an error and the process was aborted.
Then what I did was to change the password for the 'sa' user and I put the same one that was in the one instance ('passowrd1'). Now try to attach the database, the process is run correctly and the database created in the first instance was properly attached in the second instance.
Until here nothing weird, my surprise was given to make the next step.
In the second instance, I have again changed the password to the user 'sa' and this time put it as it was originally ('password2') and the attached database is kept running.
This is the first thing that I don't understand why it occurs in this way. And as last test, I stopped the second instance and start the first, and to my surprise the database also kept running.
Can someone tell me why this behavior is given as well?
My fear is to create a database with a password 'X' and then for some reason someone discover the password and then changing it, if someone attached database in another instance, can use the old password to open it. The same behavior is happening at others editions of sql server?
Are there any security layer extra that recommend me to apply?
The SA password should have no effect on any user-created databases. It only would affect system databases (Master, Model, MSDB, TempDb). Unless, of course, you encrypted your database files or if you are doing a password-secured backup/restore (which, you are not).
When you were unable to attach the first time, I would suspect that the first SQL instance had not finished shutting down yet. It was merely a coincidence that you took a few minutes to change passwords and then were able to attach the original DB file.
If you want to secure your databases, so they are not stolen and attached to another database, I would recommend doing this at the Server OS level. Prevent people from getting to the file in the first place.
So, I'm a total moron as of late and deleted all of my tables from localhost thinking it was my remote server by accident. I was mistakenly in the wrong tab of my browser. Is there anyway to retrieve my old SQL code to rewrite all of the tables?
PHPMyAdmin won't store backups for your data unless there was a new setting for that? If you have deleted the data even mistakenly and there is no backup then chances of finding it back are very very very dim. PhpMyAdmin wont be able to give it back to you, to answer your question.
Please forgive me if this post is in the wrong place, but as your all the cleverest bunch of guys I know, advice would be appreciated.
Another user in my company wrote [and on another pc], installed the new application [written in vb.net I think - but maybe c#].
He left the company a month a go, and I have now started to get problems [or rather notice them for the first time] - the files were being logged to SQL Server on the network. Now I notice that a month ago the Network SQL Server 2008 has not been logging the data, but in fact it has been accumulating under SQL 2005 on the local machine that the software is installed on, and the temp file is over 100mb big...
I suspect that the IT department froze his account when he left, and this disrupted the SQL access and program network permissions. The Event Viewer seems to support this theory by logging red critical errors that basically say [unable to connect to SQL server etc etc].
The program runs now as a guest [It always ran as a guest]. So I cant see how freezing or deleting his account would affect things.
Do you know how I can fix this without re-installing everything?
Thanks in advance.
Jim.
here's a couple of things to check for starters:
what accounts the SQL services on the machine are running under e.g. http://sql-articles.com/articles/general/sql-server-service-accounts
which account is the application logging in as
Background:
I have a site built in ASP.NET with Sql Server 2005 as it's database. The site is the only site on a Windows Server 2003 box sitting in my clients server room. The client is a local school district, so for data security reasons there is no remote desktop access and no remote Sql Server connection, so if I have to service the database I have to be at the terminal. I do have FTP access to update ASP code.
Problem:
I was contacted yesterday about an issue with the system. When I looked in to it, it seems a bug that I had solved nearly a year ago had returned. I have a stored procedure that used to take an int as a parameter but a year ago we changed the structure of the system and updated the stored procedure to take an nvarchar(10). The stored procedure somehow changed back to taking an int instead of an nvarchar.
There is an external hard drive connected to the server that copies data periodically and has the ability to restore the server in case of failure. I would have assumed that somehow an older version of the database had been restored, but data that I know was inserted 7 days and 1 day before the bug occurred is still in the database.
Question:
Is there anyway that the structure of a Sql Server 2005 database can revert to a previous version or be restored to a previous version without touching the actual data? No one else should have access to the server so I'm going a little insane trying to figure out how this even happened.
Any ideas?
Using SQL Server's built-in backup and restore mechanism, there is no means to pick only certain objects to restore. With transaction log backups, you can restore to a point in time which might be before a certain transaction or ALTER statement was made but that's the closest you get. There are tool's which will let you pick certain objects to restore however they work by either restoring the database to a copy and copying over the objects you want or reading the backup directly and copying out those objects. In other words, this is not something could have happened using the built-in tools accidentally. My guess is that someone accidentally ran an old script of the stored proc(s) that reverted it.
It would be trivial to change a stored procedure without touching any data, or any other stored procedure. How who why when, that's the problem.
One suggestion, run
select * from sys.procedures
and check the create_date and modify_date columns, for both your problem procedure and all other procedures in the database.
I've witnessed similar things happening with an app I have installed at one client location. Every so often the s'procs revert to an older version.
It's just one client, the app is installed at several others which have never had this issue, and they happen to be a school district as well. It happens about once every 3 months or so, and no one should be touching that machine. I'm not even sure they have anyone in house that would know how to open enterprise manager.
Out of curiousity, what backup software is your client using? and, after checking the creation / modify dates on the procedures, did a server reboot occur around that time?
The reason I ask is that my client has backup software that does some really weird things on that server. For example, on reboot it has to "play back" changes, including file operations, since the last successful backup. Also, is it installed in a VM?
Through Data Transformation Services (DTS) ? or if the scripts that set up the database are available someplace..