I have inherited a SQL machine that has both internal (192.168.x.x) and public internet ip addresses, with web sites, assigned to it. The machine is constantly hammered by brute force connections to MS-SQL-S with logon attempts.
Is there a way to have SQL only bind to the internal IP address ?
- Or -
Can I limited the connections to the public IP address to only HTTP or FTP ?
Or something of this sort that will remove the exposure of the SQL server to the world at large ?