i noticed a table named 'd99_tmp' appeared in one of my SQL db from nowhere.
the fields are 'subdirectory', 'dept' and 'file'. And it contains info about
my server harddisk file information.
Does anyone knows where this table comes from?This is a User Created Table.
sp_help d99_tmp: This will help you to find who has created the table and
when?
sp_spaceused d99_tmp: This will tell size of the table and Row Count.
"twlancer" wrote:
> i noticed a table named 'd99_tmp' appeared in one of my SQL db from nowher
e.
> the fields are 'subdirectory', 'dept' and 'file'. And it contains info abo
ut
> my server harddisk file information.
> Does anyone knows where this table comes from?|||I know the which account was used to create this table. but none of my team
members did it. We changed the password and the table reappear days later.
"Absar Ahmad" wrote:
[vbcol=seagreen]
> This is a User Created Table.
> sp_help d99_tmp: This will help you to find who has created the table and
> when?
> sp_spaceused d99_tmp: This will tell size of the table and Row Count.
> "twlancer" wrote:
>|||If noone is owning up to it and it reappears after dropping, trace it or
disable the account and see what fails.
"twlancer" <twlancer@.discussions.microsoft.com> wrote in message
news:39B5254C-87EE-478A-B006-1B80329681A8@.microsoft.com...[vbcol=seagreen]
>I know the which account was used to create this table. but none of my team
> members did it. We changed the password and the table reappear days later.
> "Absar Ahmad" wrote:
>|||How do I trace? I checked the SQL log and couldnt see any entries on this
d99_tmp table.
"Danny" wrote:
> If noone is owning up to it and it reappears after dropping, trace it or
> disable the account and see what fails.
> "twlancer" <twlancer@.discussions.microsoft.com> wrote in message
> news:39B5254C-87EE-478A-B006-1B80329681A8@.microsoft.com...
>
>|||Use Profiler to trace.
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"twlancer" <twlancer@.discussions.microsoft.com> wrote in message
news:3ABA6BE8-99BB-4454-B053-C7B98804DEBC@.microsoft.com...[vbcol=seagreen]
> How do I trace? I checked the SQL log and couldnt see any entries on this
> d99_tmp table.
> "Danny" wrote:
>|||Sounds like a 3rd party application is creating the table...some sort of
network monitoring thing perhaps given the info being stored. Maybe someone
installed this and pointed the utility to the wrong server/database
combination?
Kevin Hill
President
3NF Consulting
www.3nf-inc.com/NewsGroups.htm
"Tibor Karaszi" <tibor_please.no.email_karaszi@.hotmail.nomail.com> wrote in
message news:OsuQ2oB7FHA.3760@.TK2MSFTNGP14.phx.gbl...
> Use Profiler to trace.
> --
> Tibor Karaszi, SQL Server MVP
> http://www.karaszi.com/sqlserver/default.asp
> http://www.solidqualitylearning.com/
>
> "twlancer" <twlancer@.discussions.microsoft.com> wrote in message
> news:3ABA6BE8-99BB-4454-B053-C7B98804DEBC@.microsoft.com...
>|||i have the same problem, something has created d99_tmp table in sql 2000
database (with c:\ listing in table). Table was created with login that use
my web site to read and write data (nothing else), so i think its some sort
of hack. Or some automatic hacking/checking tools. Know someone something
more about it?|||"sql2000" <thakx@.hi.com> wrote in message
news:bc15216f81d1471cac3a652d8eb0fdfb@.ur
eader.com...
>i have the same problem, something has created d99_tmp table in sql 2000
> database (with c:\ listing in table). Table was created with login that
> use
> my web site to read and write data (nothing else), so i think its some
> sort
> of hack. Or some automatic hacking/checking tools. Know someone something
> more about it?
Do you have xp_cmdshell enabled? How much permissions does that web account
have? Does your web server use dynamic SQL?
David|||xp is disabled - Could not find stored procedure 'xp_cmdshell'.
user have permisisson
-public
-db_owner
-db_backupoperator
-db_datareader
-db_datawriter
so how can this user get directory list? i know there is a way run some
commands trought the query parameters (if someone find a hole), but
directory structure table hmm.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment