Timeline for What can be used to keep xp_CmdShell in SQL Server disabled?
Current License: CC BY-SA 3.0
2 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Jun 22, 2013 at 6:25 | comment | added | Jeff Moden | Thanks for the feedback, VP. I appreciate it. I actually saw a demo where they had dropped the xp_CmdShell extended stored procedure. It took milliseconds for the attack software being used to realize it and add it back in. I also saw an interesting demo where what they added back in had nothing to do with the DLL so even (if you could) deleting the underlying DLL won't do it. Doing either also breaks a whole lot in SQL Server. | |
| May 21, 2013 at 8:50 | history | answered | VP. | CC BY-SA 3.0 |