  1. #1
    Member
    Join Date
    Dec 2009
    Location
    IL
    Posts
    169

    Question SQL default account

     
    Hello, I'm at a loss yet again. I'm getting the run-around from Vendors & Tech Support departments alike, so I figured I'd go with an ole favorite and see what you guys think....


    What I have:
    My-SQL Server vrs. 5.1
    My-SQL Administrator vrs. 1.2.12

    Problem:
    We have had a vulnerability identified regarding the SQL services on this particular machine. The vulnerability is that the default account (sa) is without a password. However, I cannot find this account anywhere to remedy the situation. Does anyone know where this account is located?

    Thanks for any help in advance.
    -StarkTech
    the most intimidating person you will ever face is yourself

  2. #2
    Ultimate Member quickoldcar's Avatar
    Join Date
    Oct 2004
    Location
    NE Pennsylvania
    Posts
    1,005
    Blog Entries
    1
    The 'root' account in mysql is similar to the 'sa' account for Microsoft SQL
    DynaIndex.com - Dynamic search index of websites, links, feeds, title, description, keywords and thumbnail snapshot.

  3. #3
    Ultimate Member quickoldcar's Avatar
    Join Date
    Oct 2004
    Location
    NE Pennsylvania
    Posts
    1,005
    Blog Entries
    1
    To disable the 'sa' account:
    ALTER LOGIN sa DISABLE;
    To rename the 'sa' account:
    ALTER LOGIN sa WITH NAME = [yourNewNameHere];

    DO NOT delete the 'sa' account or you can lock yourself out. It could be renamed, but you would need to check everything that uses it, and of course you should have this passworded.

    I would suggest making yourself a new name, passwording it, and giving it all admin privileges, then checking to see if it really works before you do anything above.

    Some added information:
    'sa' is your system administrator name and 1433 is usually the port the server is running on. Changing the SQL Server port to another non-standard port will reduce the number of attacks on your server considerably. Just like changing your ssh port (on Linux servers) from 22 to something else stops many of the brute force attacks.
    Last edited by quickoldcar; November 5th, 2010 at 02:56 AM.
    DynaIndex.com - Dynamic search index of websites, links, feeds, title, description, keywords and thumbnail snapshot.

  4. #4
    Member
    Join Date
    Dec 2009
    Location
    IL
    Posts
    169
    Quote:
    The 'root' account in mysql is similar to the 'sa' account for Microsoft SQL
    The 'root' account for My-SQL has a password already set. What I can't find is where the 'sa' account is located. As I understand it, it is a default account that is used for Ms-SQL and it cannot be reached from the My-SQL Admin GUI.

    Consider me a total novice with SQL (as I am) because I don't know that much about the interfaces or how to get around in them..
    the most intimidating person you will ever face is yourself

  5. #5
    Ultimate Member quickoldcar's Avatar
    Join Date
    Oct 2004
    Location
    NE Pennsylvania
    Posts
    1,005
    Blog Entries
    1
    The SA login is the administrative login for MSSQL. To change the MSSQL SA password you have to execute the following commands from the command prompt of your server:

    1) Go to the command prompt of the server & type in command prompt osql -L
    This command will list all the MSSQL servers near you.

    2) Copy full name of required MSSQL server & type
    Quote:
    osql -S copied_servername -E
    By this command you'll connect to MSSQL server using administrator account.
    3) To change sa password you should execute the following query:
    Quote:
    sp_password NULL,'new_password','sa'
    go
    Now try to login to MSSQL using new password.


    Or you can do it from the SQL interface:

    1. Open the "SQL Server Enterprise Manager". This is usually under "Start"-->"Programs"-->"Microsoft SQL Server".

    2. Navigate to the "Logins" object under the "Security" folder on the SQL Server you wish to administer. Then, right click on the 'sa' account and select "Properties".

    3. Now, enter a new password in the "Password" field under the "Authentication" options.


    Or do this:

    MSSQL has its own database management tool called "MSSQL Server Management Studio (SSMS)".
    Here are steps to reset SA password using SSMS :

    1] Open SSMS management console, it will prompt for authentication details,

    Select Server Type : "Database Engine",
    Server name : IP / hostname of your MSSQL server
    Authentication : Windows Authentication

    Once you select "Windows Authentication" as the authentication type, the user name and password fields will be grayed out and it will allow you to log in to SQL Server without entering login details.
    Windows Authentication is possible only when you are logged on via RDP to the same server on which the SQL service is present.

    2] Once you are in, under "Object Explorer" expand Security and then Logins
    3] Locate and right click on user SA and select Properties
    4] Under the General section enter the desired password next to "Password:" and "Confirm Password:"
    5] Hit OK at the bottom.

    This is the easiest and secure way to reset SA password.

    I hope some of this helps you.

    DynaIndex.com - Dynamic search index of websites, links, feeds, title, description, keywords and thumbnail snapshot.
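
Added example, not part of any post in this thread: a T-SQL audit that finds SQL logins with a blank password (the finding discussed here), followed by the reset and disable steps from posts #3 and #5 and a check to confirm the result before the next scan. It assumes SQL Server 2008 or later and a sysadmin connection such as the trusted one opened with `osql -S copied_servername -E`; the password shown is a placeholder.

```sql
-- Added example (not from the thread). Assumes SQL Server 2008+ and sysadmin rights.

-- 1. Is SQL authentication enabled at all? 1 = Windows-only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;
GO

-- 2. Audit every SQL login. The built-in administrator always has sid 0x01,
--    so it is still identified after a rename (ALTER LOGIN sa WITH NAME = ...).
SELECT name,
       CASE WHEN sid = 0x01 THEN 1 ELSE 0 END AS is_builtin_sa,
       is_disabled,
       is_policy_checked,
       CASE WHEN PWDCOMPARE('', password_hash) = 1
            THEN 1 ELSE 0 END AS blank_password,
       CASE WHEN PWDCOMPARE(name, password_hash) = 1
            THEN 1 ELSE 0 END AS password_equals_name,
       modify_date
FROM sys.sql_logins
ORDER BY blank_password DESC, name;
GO

-- 3. Set a password. ALTER LOGIN is the current replacement for the
--    deprecated sp_password. The value below is a placeholder; use a
--    generated one. If the login was renamed, use its new name here.
ALTER LOGIN sa WITH PASSWORD = N'REPLACE_WITH_GENERATED_PASSWORD';
GO

-- 4. If no application connects as sa, disable it as well (post #3).
--    Confirm another sysadmin login works before running this.
ALTER LOGIN sa DISABLE;
GO

-- 5. Verify: blank_password should be 0 for the built-in administrator.
SELECT name,
       is_disabled,
       CASE WHEN PWDCOMPARE('', password_hash) = 1
            THEN 1 ELSE 0 END AS blank_password
FROM sys.sql_logins
WHERE sid = 0x01;
GO
```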

  6. #6
    Member
    Join Date
    Dec 2009
    Location
    IL
    Posts
    169
    Thanks for your help 'quickoldcar'. I went with the first set of instructions because I don't have a GUI interface to work on MS-sql. I got the password changed and it seems like we are good now, just have to wait for the results on our next vulnerability scan to verify.

    Thanks again!
    the most intimidating person you will ever face is yourself

  7. #7
    Member
    Join Date
    Dec 2009
    Location
    IL
    Posts
    169
    Our scan confirmed that the passwordless 'sa' account has been remediated. Thanks again Q.O.C.!
    the most intimidating person you will ever face is yourself

  8. #8
    Ultimate Member quickoldcar's Avatar
    Join Date
    Oct 2004
    Location
    NE Pennsylvania
    Posts
    1,005
    Blog Entries
    1
    You are welcome
    DynaIndex.com - Dynamic search index of websites, links, feeds, title, description, keywords and thumbnail snapshot.
