How-To block unauthorized SQL remote login on port 1433

01-15-2005, 02:23 AM
tamouh

This short tutorial will show you how to use tools already included with Windows to better secure your SQL 2000 server.

(( PROCEED CAREFULLY AT YOUR OWN RISK, I'M NOT RESPONSIBLE FOR ANYTHING AS A RESULT OF FOLLOWING THESE INSTRUCTIONS ))

Please note, it is generally recommended that you use Windows Authentication for SQL server, and do not use the system account.

This tutorial is based on Windows 2003 Server, but should work with Windows 2000 as well:

1) Once you have successfully set up the SQL server and all is working well, you'll need to prevent unauthorized outside access to the SQL login on port 1433. Unfortunately, if you change the port SQL runs on, you'll have to make changes to your DSNs as well as your ColdFusion JDBC DSNs. So the best option, if you do not have a firewall, is to block unauthorized IP addresses from accessing these specific ports.

2) First step, click on START -> PROGRAMS -> ADMINISTRATIVE TOOLS -> LOCAL SECURITY POLICY

3) On the left side, click on IP security policy

4) A list of items shows on the right side (Client, Secure Server, Server)

5) Click on 'ACTION' -> Create IP Security Policy

6) Go through the wizard, describe it : 'SQL Policies'

7) One page of the wizard will say 'Activate default response rule'; make sure you UNCHECK that box

8) Once done, it will show you a box named 'SQL Policies Properties' with DEFAULT unchecked

9) Click on 'ADD' , and go through the wizard.
- Check No for tunneling
- Check All Network Connections
- Go to next until you reach the screen 'IP Filter List'

10) Click on 'ADD' in the IP FILTER LIST

11) For name type: BLOCKED SQL PORT

12) Click on 'ADD' again inside that box which will come up with the IP wizard

13) Continue next, the screen will show 'Source Address':
select ANY IP ADDRESS and hit next

14) Destination address: 'MY IP ADDRESS' and hit next

15) Select a protocol type: TCP , source port: ANY , destination port: 1433 (or whatever port you want to block)

16) Hit on OK, and OK until you get back to the screen that has:

'All ICMP Traffic' , 'All IP Traffic' , 'SQL FILTER LIST'

17) Hit NEXT. It will now ask you what you want to do with this ruleset. There is PERMIT and other options.

If you have BLOCK in there, select it. If not, hit ADD, name it BLOCK and go next, select BLOCK from the filter action menu and go next

18) Put a dot next to BLOCK instead of PERMIT and hit OK

19) Hit OK, OK, OK.

20) Activate that rule set by right-clicking on it and choosing 'ASSIGN'

NOTICE: If you are logged in remotely to Windows please be careful, as this may block you out if things were not set up correctly.

21) This will block all remote access to your machine, while keeping any internal IPs and localhost able to connect

22) The instructions are a bit hard to follow due to the many menus open, but once you try it a couple of times, you'll get the hang of it. Proceed at your own risk and use common sense when doing the wizard.

23) If you want to enable specific remote IPs to connect to SQL, you need to follow the steps above but select PERMIT instead of BLOCK.

This should stop SQL login attacks completely. You can also use this to block or permit any type of traffic from any IP, subnet, or gateway.

Advanced readings into IP Security Policy and command line interface:

http://support.microsoft.com/default...en-us%3B813878

http://www.microsoft.com/windows2000...ipsecpol-o.asp
Courtesy of mediumcube.com

__________________
Reliability Performance Integrity


Last edited by tamouh; 01-15-2005 at 02:29 AM.
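
The wizard steps in the post above can also be scripted with the netsh ipsec context on Windows Server 2003. The following is an added example, not part of the original post: the rule names "Block SQL" and "Allow SQL Clients", the filter list "ALLOWED SQL CLIENTS", the filter action "PERMIT SQL" and the address 203.0.113.10 are constructed placeholders. It also goes one step further than the post by showing the permit exception from step 23 next to the block rule.

```bat
@echo off
rem Added example: the GUI steps above expressed as netsh ipsec commands.
rem 203.0.113.10 is a constructed placeholder for a client that may reach SQL.

rem Steps 5-8: create the policy with the default response rule turned off.
netsh ipsec static add policy name="SQL Policies" description="Restrict TCP 1433" activatedefaultrule=no

rem Steps 10-15: filter list matching any source to this host on TCP 1433.
rem srcport=0 means any source port.
netsh ipsec static add filterlist name="BLOCKED SQL PORT"
netsh ipsec static add filter filterlist="BLOCKED SQL PORT" srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=1433 mirrored=yes

rem Steps 17-18: filter action that drops matching traffic.
netsh ipsec static add filteraction name="BLOCK" action=block

rem Steps 9 and 19: bind list and action into a rule for all connection types.
netsh ipsec static add rule name="Block SQL" policy="SQL Policies" filterlist="BLOCKED SQL PORT" filteraction="BLOCK" conntype=all

rem Step 23: permit one known client. IPsec matches the most specific filter
rem first, so a filter with a fixed source address wins over the "any" block.
netsh ipsec static add filterlist name="ALLOWED SQL CLIENTS"
netsh ipsec static add filter filterlist="ALLOWED SQL CLIENTS" srcaddr=203.0.113.10 dstaddr=me protocol=TCP srcport=0 dstport=1433 mirrored=yes
netsh ipsec static add filteraction name="PERMIT SQL" action=permit
netsh ipsec static add rule name="Allow SQL Clients" policy="SQL Policies" filterlist="ALLOWED SQL CLIENTS" filteraction="PERMIT SQL" conntype=all

rem Review the finished policy before it takes effect.
netsh ipsec static show policy name="SQL Policies" level=verbose

rem Step 20: assign the policy. Kept last so nothing is enforced half-built,
rem which matters when working over a remote session.
netsh ipsec static set policy name="SQL Policies" assign=y
```

To back the change out, run `netsh ipsec static set policy name="SQL Policies" assign=n`, which unassigns the policy without deleting it.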

