<div>
Thanks you for your response. Solutions are actually simpler than they appear at first glance. I will obtain the IP address ranges and lock down 1433 for all except the range. Although the first response is the chosen response and since I intend to implement SP, I think it fair to distribute points.<br />
<br />
Thanks again!<br />

</div>


Thanks you for your response. Solutions are actually simpler than they appear at first glance. I will obtain the IP address ranges and lock down 1433 for all except the range. Although the first response is the chosen response and since I intend to implement SP, I think it fair to distribute points.

Thanks again!


<div>
<div class="content wysiwyg-content">
I have a bit of a dilema; I am running SBS2003 with ISA2004. The SBS SQL Server is hosting an application over port 1433 of which is redirected by ISA to a SQL Server 2005 installation. I have a rather long list of IP addresses that have attempted &nbsp;to break-in using the SA account user/password. As I have noted the breakin attempt, I have added the IP address to a Hacker Network Interface created in ISA to deny access to the network.<br />
<br />
Aside from neutering the SA username &amp;&nbsp;password any suggestions within ISA to stop or mitigate the threat? I thought of assigning a different port but that seems to be a short-term solution.<br />
<br />
Any suggestions would be welcome.<br />
<br />
Tim
</div>
</div>


I have a bit of a dilema; I am running SBS2003 with ISA2004. The SBS SQL Server is hosting an application over port 1433 of which is redirected by ISA to a SQL Server 2005 installation. I have a rather long list of IP addresses that have attempted  to break-in using the SA account user/password. As I have noted the breakin attempt, I have added the IP address to a Hacker Network Interface created in ISA to deny access to the network.

Aside from neutering the SA username & password any suggestions within ISA to stop or mitigate the threat? I thought of assigning a different port but that seems to be a short-term solution.

Any suggestions would be welcome.

Tim

SBS2003 ISA, Need to close 1433 due to hacking

Microsoft Forefront, formerly known as Internet Security and Acceleration Server (ISA Server), is a network router, firewall, antivirus program, VPN server and web cache that runs on Windows servers. It includes identity management and protection systems, and discontinued systems for threat management and network protection, along with protection for Sharepoint and Exchange. The scope of discussions includes forward and reverse proxy, application and service publishing, virtual private networks (VPNs), outbound access rules, SSL certificates and network routing within either a single node or an highly-available array pairing.

Microsoft Forefront ISA Server

Microsoft SQL Server is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.SQL Server is available in multiple versions, typically identified by release year, and versions are subdivided into editions to distinguish between product functionality. Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning.

Microsoft SQL Server

Microsoft SQL Server 2005 is a suite of relational database management system (RDBMS) products providing multi-user database access functionality.Component services include integration (SSIS), reporting (SSRS), analysis (SSAS), data quality, master data, T-SQL and performance tuning. It includes support for managing XML data and allows a database server to be exposed over web services using Tabular Data Stream (TDS) packets encapsulated within SOAP (protocol) requests.