Its a SQL server not a web server
Might just be me but "a Fargo attack starts with the SQL Server process on a compromised machine being used to download a .net file via the cmd.exe and powershell.exe consoles" would seem to indicate that the best course of action is to not allow your SQL servers access to anything on the internet.
I am sure someone will point me to a valid reason but personally I am at a loss.
Biting the hand that feeds IT
