Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

How to Block SQL server 7 Port 1433 on windows 2000 server.

Posted on 2009-05-13
8
Medium Priority
?
518 Views
Last Modified: 2012-05-06
I have a question regarding the SQL Server(SQL Server 7) port 1433.
Is there a way i can close this port? I tried using secpol.msc and blocked access to the port 1433 for all IP addresses, but
using SQL Entrprise manager i am still able to connect to this server remotely. Has anyone come across this problem?
0
Comment
Question by:TechGuy100
  • 4
  • 4
8 Comments
 
LVL 71

Expert Comment

by:Qlemo
ID: 24376613
Why would you want this? If the server should not be reachable at all, you can disable TCP and Named Pipes for it, that way only local connections with Shared Memory can be established.
0
 

Author Comment

by:TechGuy100
ID: 24377016
This is an old server with blank "sa" password and if the password is changed one of the web applications "Local" to the server stops working .
 So, i  want that nobody can connect to the server remotely. I want to "block" the port from all IP addresses .
I tried disabling TCP 1433 and UDP 1434 ports using secpol.msc but still i am able to connect using SQl enterprise manger from a remote computer.
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 24377100
Did you see this statement: "you can disable TCP and Named Pipes for it, that way only local connections with Shared Memory can be established."?

SecPol restrictions will be useless.


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:TechGuy100
ID: 24377251
Yes, i saw your statement that  i can disable TCP and named pipes, but i "might" need to give access to this SQL server remotely for 2-3 specific IP / Servers.
 Is it possible through secpol restrictions or something else ( except a hardware firewall ).
0
 
LVL 71

Expert Comment

by:Qlemo
ID: 24377913
No. You need a software firewall at least. Another way: disable MSSQL Browser service, change standard port in TCP settings of MSSQL, and use that port to connect (append the port after a comma to the server name in your connect string). That is not safe, but keeps unsophisticated connect attempts away.
0
 

Author Comment

by:TechGuy100
ID: 24377973
Qllemo thanks a lot  for your comments, i will try that, but could you please explain why "secpol exceptions will be useless" and if possible can you suggest any software firewall for this purpose.
0
 
LVL 71

Accepted Solution

by:
Qlemo earned 2000 total points
ID: 24378159
SecPol IP filter lists are applied to IPSec Policies only, AFAIK.

Good firewalls are Comodo, Kerio / Sunbelt or PC Tools (while I'm not keen on using the latter one).
0
 

Author Comment

by:TechGuy100
ID: 24425148
Ultimately I was able to block port 1433 access by using "local Area Connection" properties --> TCP/IP-->Properties --> Advanced -->Options-->TCP/IP filtering--> Properties   & allowing only the specific ports we needed. It requires a restart after changing the settings.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have a large data set and a SSIS package. How can I load this file in multi threading?
In part one, we reviewed the prerequisites required for installing SQL Server vNext. In this part we will explore how to install Microsoft's SQL Server on Ubuntu 16.04.
Via a live example, show how to backup a database, simulate a failure backup the tail of the database transaction log and perform the restore.
Via a live example, show how to set up a backup for SQL Server using a Maintenance Plan and how to schedule the job into SQL Server Agent.

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question