Main | New Weekly Series the SPRAY »
Wednesday
15Apr2009

Week 2 Spray

DateWednesday, April 15, 2009 at 2:19AM

I have been doing some consulting for a small company with 60 sites each site has a system running either MSDE or SQL Express 2005. Now you are not going to believe this but the login for the application to the MSDE is SA and the Password is blank but worse still all this inofrmation is stored in an ini file makes me really worried. All this computers are open to the internet and currently i have been assisting in setting them up on a version of my basic log shipping.

Now guys we all know that leaving a blank password around is dangerous, storing it in an ini file is just as bad and using the SA account is worse still. Security one day people will wake up and smell the roses because they have been buried in manure.

AuthorSQLBloke | CommentPost a Comment | Print ArticlePrint Article | |
in , ,

PrintView Printer Friendly Version

EmailEmail Article to Friend

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

PostPost a New Comment

Enter your information below to add a new comment.

My response is on my own website »
Author Email (optional):
Author URL (optional):
Post:
 
Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>