------------------------------------------------------------------------------
SQLScan v1.00
SQL "Slammer" worm scanner
Copyright 2003 (c) by Foundstone, Inc.
http://www.foundstone.com
------------------------------------------------------------------------------
SQLScan is a Windows GUI scanner tailored specifically to finding SQL servers
that may be vulnerable to the recent SQL "Slammer" or "SQHell" worm that
attacks vulnerable Microsoft SQL 2000 servers.
Use of the tool should be fairly self-evident. Enter a list of IP addresses
to be scanned in the IP list. You can continually add to the list and can
pull in a pre-built list of IP addresses from a file if you wish. IP addresses
in the file can be specified as single IPs (10.1.2.3), or ranges
(10.1.2.3-10.3.4.5, or 10.1.2.3-254 etc.). Right-clicking with the mouse on
the IP list window will allow you to directly paste lists of IPs from the
clipboard.
Choose which SQL port you would like to scan by entering it in the port
selection edit box. Port 1434 is used by default but this can be changed to
anything more appropriate for the network you are scanning.
When you are ready, click the Start button (right blue arrow). To stop the
scan click the Stop button (blue square).
The program will attempt to extract and display the SQL query response string
from responding hosts. If this is not able to be determined nothing will be
shown in the response field.
Right-clicking on an entry in the list of discovered hosts will bring up
a menu where you can select to copy the relevant IP address or the entire
displayed line to the clipboard.
When the scan has completed you can save the list of discovered hosts to
a file by clicking the "Save..." button at the bottom right of the window.
You can save in either HTML or comma-separated (CSV) format by choosing an
appropriate file extension. The file will be saved in the same manner as it
is displayed i.e. if you have chosen to sort the list by clicking one of
the column headers that is how it will appear in the file.
==============================================================================
FOUNDSTONE, INC.
Terms of Use
1. Acceptance of Terms
1.1.
Read these Foundstone, Inc. ("Foundstone") Terms of Use ("Terms") carefully
before you ("You") accept these Terms by: (a) selecting the "Accept" button at
the end of the Terms, or (b) downloading any of the Foundstone tools ("Tools")
located on this web site. If You do not agree to all of these Terms, select
the "Decline" button at the end of the Terms, or do not download any of the
Tools.
1.2.
The Terms are entered into by and between Foundstone and You. Foundstone
provides the Tools to You strictly subject to the Terms.
2. Permitted Use
2.1.
The Tools are freeware that You may download them for Your personal,
non-commercial use only.
2.2.
You may not modify, reverse engineer, make derivative works of, distribute,
transmit or sell any of the Tools without the express written consent of
Foundstone.
2.3.
The Tools may not be used by You or any other party for any purpose that
violates any local, state, federal or foreign law. You understand that
breaking into any network or computer system not owned by You may be illegal.
3. No Express or Implied Warranty
3.1.
THE TOOLS ARE PROVIDED TO YOU "AS IS." FOUNDSTONE MAKES NO WARRANTIES OR
REPRESENTATIONS, EXPRESS OR IMPLIED, ABOUT THE EFFECTIVENESS, COMPLETENESS OR
FITNESS OF THE TOOLS, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
4. Limitation of Liability
4.1.
YOU AGREE THAT FOUNDSTONE WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES ARISING OUT OF YOUR USE OF, OR
INABILITY TO USE, THE TOOLS, INCLUDING WITHOUT LIMITATION ANY DAMAGE TO, OR
VIRUSES OR "TROJAN HORSES" THAT MAY INFECT OR INVADE, YOUR COMPUTER EQUIPMENT
OR OTHER PROPERTY, EVEN IF FOUNDSTONE IS EXPRESSLY ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE.
4.2.
YOU AGREE TO HOLD FOUNDSTONE HARMLESS FROM, AND YOU COVENANT NOT TO SUE
FOUNDSTONE FOR, ANY CLAIMS BASED OR YOUR USE OF, OR YOUR INABILITY TO USE, THE
TOOLS.
5. Indemnification
5.1.
You agree to indemnify and hold Foundstone and its subsidiaries, affiliates,
officers, agents, and employees harmless from any claim or demand, including
attorney's fees, made by any third party due to or arising out of Your use of
the Tools, breach of the Terms, or violation of the rights of another.
6. Intellectual Property Rights
6.1.
The Tools and all names, marks, brands, logos, designs, trade dress and other
designations Foundstone uses in connection with the Tools are proprietary to
Foundstone and are protected by applicable intellectual property laws,
including, but not limited to copyrights and trademarks. Accordingly, You may
not modify, reverse engineer, make derivative works of, distribute, transmit
or sell any of the Tools, nor may You remove or alter any of Foundstone's
trademarks from the Tools or co-brand any of the Tools, without the express
written consent of Foundstone.
7. Miscellaneous
7.1.
California law and controlling United States federal law govern any action
related to the Terms. No choice of law rules of any jurisdiction apply. You
and Foundstone agree to submit to the personal and exclusive jurisdiction of
the California state court located in Santa Ana, California and the United
States District Court for the Central District of California.
7.2.
The Terms constitute the entire agreement between You and Foundstone and
govern Your use of the Tools, superseding any prior agreements between You and
Foundstone (including, but not limited to, prior versions of the Terms).
7.3.
Foundstone controls and operates this website from various locations in the
United States of America and makes no representation that these Tools are
appropriate or available for use in other locations. If you use this website
from locations outside the United States of America, You are responsible for
compliance with applicable local laws, including, but not limited to, the
export and import regulations of other countries.
7.4.
These Terms and this website could include inaccuracies or typographical
errors. Foundstone may make improvements and/or changes to the Terms or the
website at any time without notice.
7.5.
The failure of Foundstone to enforce or exercise any right or provision of the
Terms does not constitute a waiver of such right or provision.
7.6.
In the event any provision of this Agreement is held to be unenforceable in
any respect, such unenforceability shall not affect any other provision of
this Agreement, provided that the expected economic benefits of this Agreement
are not denied to either party.
