SQLScan

SQLScan is a neat little tool designed to help admins spot potential weaknesses in the SQL servers they're looking after. To be more specific, it’s aimed at finding those pesky Slammer and SQHell worms that love to target older Microsoft SQL 2000 servers. If you’re managing one of those, this could be a lifesaver!

How to Use SQLScan

The best part? Using this app is super straightforward! You can kick things off by entering a list of IP addresses that you want to scan right into the IP list. Feel free to keep adding more IPs as you go along, or if you have a pre-made list saved on your computer, you can easily pull that in too. Just remember that the IPs can be entered as single addresses (like 10.1.2.3) or even as ranges (like 10.1.2.3-10.3.4.5 or 10.1.2.3-254).

Selecting Ports for Scanning

Don’t forget, you get to choose which SQL port to scan! By default, it's set at port 1434, but if your network needs something different, just type that in the port selection box.

Starting Your Scan

Once everything's set up and you're ready to roll, hit the Start button! The program will try its best to grab and show the SQL query response string from any hosts that respond.

Saving Your Results

When your scan wraps up, saving your list of found hosts is super easy! Just click on the "Save..." button at the bottom right of the window, and you'll have options for saving it as either an HTML file or a comma-separated (CSV) file—just pick what works best for you! The file will save just like how it looks on-screen; if you've sorted it by clicking on any column headers, that's how it'll appear in your saved file.

If you're interested in checking out more about SQLScan, head over there!