Disable the xp_mongoshell command of the database to prevent hacker attacks.

1. Close and restore the xp_cmdshell command

When a hacker attacks SQL Server, the first method is to execute the xp_mongoshell command of the master extended storage process to destroy the database. For the sake of database security, it is best to disable xp_mongoshell, xp_cmdshell allows the system administrator to execute a given command string in the form of an operating system command line interpreter and return any output in the form of text lines. It is a powerful extended storage process. In general, xp_mongoshell is unnecessary for administrators. The elimination of xp_mongoshell will not affect the Server.
You can remove xp_cmdshell:

Use Master
Exec sp_dropextendedproc N 'xp _ export shell'
Go

If necessary, you can restore xp_mongoshell back:

Use Master
Exec sp_addextendedproc N 'xp _ cmdshell', n'xp log70. dll'
Go

 

If your database has two tables, D99_Tmp or D99_cmd, it indicates that this is the cainiao that maliciously attacks SQL SERVER by downloading software. Su.exe is used (this is a hacker software that promotes permissions) and D99_tmp (three fields, subdirectory, depth, and file, all of which contain website Files And Directories ).

II, Shrink Database Transaction logs

Method 1:
1. Choose "Enterprise Manager"> "Database"> "attribute"> "option"> "fault recovery"> "complete" to "simple'
2. Enterprise Manager-all tasks-shrink database-file-Select log file-Click OK to contract
3. At last, you can restore the previously modified fault to 'complete '.

Method 2:
1. Run in the query Analyzer:

-- Shrink the Log Code. hh indicates the database name.
Dump tran hh with no_log
Backup log hh with no_log
Dbcc shrinkdatabase (hh)