AnsweredAssumed Answered

What is this Chinese username that Qualys supposedly tried to use?

Question asked by Abner Almeida on Jan 22, 2018
Latest reply on Jan 22, 2018 by Abner Almeida

Hello, colleagues

 

I need some help.

One of our customers reported that the user 猀愀 tried to authenticate in a MS SQL Server database, as follows:

Login attempt on SQL Server

Problem here is that the Source IP detected (172.22.39.110) is the Qualys IP for this specific VLAN, as you can see:

 

Our default Option profile detects all kinds of vulnerabilities (no specific search list is used during scans) and passoword brute-forcing is disabled

 

And, for last, we don't recognize this username 猀愀, as all of our Qualys credentials are in English (we don't even speak Chinese, nor have any Chinese customer), so, question is:

 

Why in the Earth would Qualys try to log in with this user?? Is it a vulnerability or Policy check?

Outcomes