SQL database getting hammered

Forum Moderators: open

Message Too Old, No Replies

SQL database getting hammered

Is there a way to limit password tries

bwnbwn

5:16 pm on Dec 22, 2010 (gmt 0)

Not my field but it is effecting SEO so why the question. Not all the time but lets say once a week our main database server is hammered from repeated (auto generated) attempts to get in by user name and password. The attack is such is stalls the server so bad it brings the sites to a crawl. Right now all IT is doing is getting the IP's and blocking them.
Is there another way to limit the number of attempts and after a certian number block them for some time period?

I can tell you when it happens from whith Google WM area and can't seem to get IT to find a solution to this problem.

LifeinAsia

5:23 pm on Dec 22, 2010 (gmt 0)

My opinion is that they are going about things the wrong way. Instead of blacklisting IPs that are denied access, they should whitelist IPs that ARE allowed access (and block everyone else).

Is there a particular reason why anyone other than your web sites (and except for maybe a handful of IPs belonging to DBAs) should have direct access to your database?

scooterdude

6:15 pm on Dec 22, 2010 (gmt 0)

erm, a few lines of asp.net code validating each password logon attempt , session cookies, validating logon attempts to user ip , account lockout,,

at least one popular forum software has this built in, php tho, but can be done in asp.net

bwnbwn

7:56 pm on Dec 22, 2010 (gmt 0)

Yes guys I finally found some info to give them and have. It just flat drives me nuts with the put me off attitude. I will stay on this very hard.
Life I feel the same way when I started asking why I am getting all these errors in my WM account and was told how this was being addressed.
Thanks

haggul

11:30 am on Dec 23, 2010 (gmt 0)

Is it SQL Server - change from the default port number for a start if on webserver

joer80

2:52 pm on Dec 30, 2010 (gmt 0)

If your database server is on the same local network as your web server, which it should be, you should be able to black list all database connections not coming from your local network. Either that, or white list any web server that you want to login to your database, and block the rest.

If the database is on the same machine as the web server, you can allow local host connections only.

Pretty much any web guy can do either one of these changes in < 10 min, so they shouldn't put you off for to long..