Jump to content

Bruteforce.Generic attack on MSSQL server


Go to solution Solved by Guest #37,

Recommended Posts

GruppoSanMarco
Posted
Hi everybody, I would ask your help to solve my problem with Kaspersky Small Office Security 6. The antivirus is installed on our server Windows Server 2016, no any update was done in last months. Our server is networked in internal LAN. By desktop computers everyday we use accounting software that comunicate with database Microsft SQL Server installed on server. In addition we connect to server also using native Windows remote desktop service. In this way we can use two different instance of accounting software at same time. This procedure is approved by software producer. For a few days, just for a unique desktop computer, Kaspersky is blocking connection because it's detecting intrusion prevention on port 1433. Server logs reports that intrusion prevention is blocked on MSSQL server port due "bruteforce attack". I tried to allow TCP connection to port 1433 for all LAN IP addresses but I haven't solved my problem. I also tried to open all server ports to allow all internal LAN traffic, but nothing changed. How can I solve this problem? How can I add exclusion to Kaspersy intrusion? I can't find any button in this section. P.S. Software updates is disabled for server and for all desktop client. The software configurations was not changed from months. Thank you for your support! Best regards
GruppoSanMarco
Posted
Ok, I will do. Thank you!
Posted
Hi, most likely this is a false detection, that will be fixed with an update next week. Sorry about the incoveniences.

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...