Check or Attack Name: SQL Server

An SQL server has been detected running. This information is gathered from querying the server information, and can be restricted to authenticated users by setting the RestrictAnonymous registry key.

To restrict anonymous connections in Windows NT, follow these steps:

WARNING: Incorrectly using Registry Editor may cause severe and irreparable damage and may require you to reinstall your operating system. Internet Security Systems cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

1. If you have not already done so, apply the latest Windows NT 4.0 Service Pack available at http://support.microsoft.com/support/ntserver/Content/ServicePacks/.
2. Open Registry Editor. From the Windows NT Start menu, select Run, type regedt32, and click OK.
3. Go to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA key.
4. From the Edit menu, select Add Value to display the Add Value dialog box.
5. In the Value Name field, type RestrictAnonymous.
6. Select REG_DWORD as the Data Type.
7. Click OK to display the DWORD Editor.
8. In the Data field, type 1. (Ignore the Radix setting.)
9. Click OK. Registry Editor adds the key to the registry.
10. Reboot the system to apply the changes.

Note: Changing the Registry entries is only effective after Windows NT 4.0 Service Pack 3 or later has been applied.