Solved

Sqlbrowser.exe is trying to receive a connection from the internet

Posted on 2009-04-10
17
2,030 Views
Last Modified: 2013-12-24
I have Firewall COMODO and just got a message I think I never received:

Sqlbrowser.exe is trying to receive a connection from the internet

The only difference I can say its that I am in Dial-up connection and my regular connection is DSL.

Why would my SQL (v2000) is receiving a connection from Internet and I have no recent install (maybe AVG 8.0)?
0
Comment
Question by:rayluvs
  • 7
  • 6
  • 4
17 Comments
 
LVL 26

Accepted Solution

by:
Chris Luttrell earned 250 total points
ID: 24120853
In general we do not have SQL Server Browser running on any box exposed to the internet.  It has been a security risk in the past as malicous hackers commonly scan the web for responses from this request to see what databases they can try to attack.
The bellow is from 2005 BOL which explains what the Browser service is.  It replace a similar service in 2000.
"SQL Server Browser runs as a Windows service on the server. SQL Server Browser listens for incoming requests for SQL Server resources and provides information about SQL Server instances that are installed on the computer. SQL Server Browser contributes to three actions:
*Browsing a list of available servers
*Connecting to the correct server instance
*Connecting to Dedicated Administrator Connection (DAC) endpoints
For each instance of the Database Engine, the SQL Server Browser service (sqlbrowser) provides the instance name and the version number."
See full article at http://msdn.microsoft.com/en-us/library/ms165724%28SQL.90%29.aspx and pay special attention to the Security section.
HTH
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 24121379
As long as you have a single MSSQL instance running, you do not need SQL Browser service. And as already stated, it is a common attack target, so it is better to block the 1434/udp port or stop the service.
The difference between DSL and dial-in is that you are not exposed directly to the internet with DSL (the router is, in fact). With dial-in, you are exposed, and each attack is performed against your computer.


0
 

Author Comment

by:rayluvs
ID: 24122170
ok...couple of questions:

1. If I have just one sql instance in my PC the its correct to disable or turn off SQL Browser service?

2. SQL Browser service is when more than one instance is running in my pc....what about when i'm at my office connected to my lan, and i have to connect office sql, do i still need SQL Browser service running?

3. Last, how do I block port 1434 and how do I know that SQL Browser service is using that port?
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 69

Assisted Solution

by:Qlemo
Qlemo earned 250 total points
ID: 24122216
1. yes
2. SQL Browser service is only responsible for the instances on the box it is running on. It does not need to run on client side, at most on server side.
3. port 1434/udp is defined to be the Browser port. It can be changed, but that would need to adapt each client, too, as by convention that port has to be known by all sides (obviously).

To give you a bit more information about the process:
  • First instance (in most cases unnamed) reserves the standard port 1433/tcp for connections.
  • SQL Browser listens on port 1434/udp
  • Second instance is trying to open the port 1433 - but it is reserved for the other instance, so it is selecting a dynamic port. If a dynamic port has been chosen previously (the service is restarted, for example), that port is tried to use again. The server might try several ports, until it succeeds to open one, and that port is reserved, entered in registry, and committed to the SQL Browser service.
  • If a client connects, it tries port 1434/udp to ask for ports, and simultanously queries the standard port 1433 (to speed up connections this is done immediately).
0
 
LVL 26

Expert Comment

by:Chris Luttrell
ID: 24122257
The easiest way to turn off SQL Browser on you machine is to go into SQL Server Configuration Manager set the Start Mode to disabled on the Service Tab and then Stop the service back on the first tab (Log On).
SQLBrowserProperties.png
0
 

Author Comment

by:rayluvs
ID: 24122274
Great info!!!

I have SQL 2000, I can't find SQL Server Configuration Manager; where is it?
0
 

Author Comment

by:rayluvs
ID: 24122282
Ok...I found a service in Services; I assume that's the service I should disable.

??
0
 

Author Comment

by:rayluvs
ID: 24122287
SQL Server Browser
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 24122295
Yes!!!
0
 
LVL 26

Expert Comment

by:Chris Luttrell
ID: 24122298
Sorry, forgot you were on 2000.  Let me look at a 2000 box.
0
 
LVL 26

Expert Comment

by:Chris Luttrell
ID: 24122307
Thanks Qlemo all my normal machines are 2005 and 2008.
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 24122312
... and I cannot find something similar on MSSQL 2000, besides the "Service Manager" running in Systray (if used ...).
0
 

Author Comment

by:rayluvs
ID: 24122344
Ok thanx...I did it.

Unfortunately, I do have 2 instance...I have SQL 2000 my everyday work area and another SQL 2005 for some demo software I need from time to time.

What u recommended?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 24122361
If you want to stick on switching off SQL Browser service, you can used fixed ports. In MSSQL 2005 Configuration Manager, on properties of TCP connections, set a fixed port in the last available field. Use that port in each connection string, e.g.
  localhost\mssql2005,12345
where mssql2005 is the instance, 12345 the port.

0
 

Author Comment

by:rayluvs
ID: 24122462
Ok...what about in SQL 2000 (the one I have)?
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 24122469
It should use the standard port 1433. If it is reversed (2005 using standard port, 2000 dynamic one), you have to go into the Server Network Connection utility to set a fixed port.
0
 

Author Comment

by:rayluvs
ID: 24122494
ok thanx...Well Experts u have answered excellent my question!
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question