作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2009, Vol. 35 ›› Issue (18): 127-129. doi: 10.3969/j.issn.1000-3428.2009.18.045

• 安全技术 • 上一篇    下一篇

TDS协议分析与漏洞检测

郭丽红,吴海涛

  

  1. (南京工程学院通信工程学院,南京 211167)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2009-09-20 发布日期:2009-09-20

TDS Protocol Analysis and Loophole Detection

GUO Li-hong, WU Hai-tao

  

  1. (School of Communications Engineering, Nanjing Institute of Technology, Nanjing 211167)
  • Received:1900-01-01 Revised:1900-01-01 Online:2009-09-20 Published:2009-09-20

摘要: 对应用于Microsoft SQL Server 2000 的未公开协议TDS 8.0 进行研究分析,通过批量发送和接收TDS 数据包,分析TDS 协议的通信规则和各种类型的TDS包结构,总结整个TDS 协议的报文结构。在协议分析的基础上,研究Microsoft SQL Server 2000 体系结构和存在的安全漏洞,编写漏洞测试程序,验证TDS 8.0协议并找出其中存在的安全问题。

关键词: 表格数据流协议, 协议分析, 漏洞检测

Abstract: This paper researches and analyzes the undisclosed protocol TDS 8.0 which used in the Microsoft SQL Sever 2000, receives and sends the TDS data packets, analyzes the communication rule of TDS protocol and all types of TDS package, sums up the entire TDS protocol structural framework and gives a detailed description of every TDS segment meaning. Basing on the protocol analysis, this paper researches the system structure and security loopholes of the Microsoft SQL Sever 2000, compiles the loophole test program to validate TDS 8.0 protocol and finds out the secure problems in the TDS 8.0 protocol.

Key words: Tabular Data Stream(TDS) protocol, protocol analysis, loophole detection

中图分类号: