Previously we’ve discussed failed logins, how they can indicate unauthorized SQL Server access attempts (Audit failed SQL Server logins – distributed queries, brute force attacks, and SQL injections), and using native tools to audit the failed logins and identify potential attack attempts (Audit failed SQL Server logins – using native tools to investigate failed logins).

October 10, 2013

In the previous article of the Audit failed SQL Server logins series, we described the motives and most common methods used for unauthorized SQL Server access attempts. As a response, the best way to identify such attack attempts is to audit the failed logins

October 10, 2013

Failed SQL Server logins are common in various scenarios. Accidently mistyped credentials (user name or password), changed permissions, or expired password are some of the benign reasons for failed SQL Server logins. On the other hand, there are malicious failed logins – unauthorized attempts to access confidential data stored on a SQL Server instance, that are more of a concern

October 10, 2013