how to hide MS SQL Server 2008 ports from the Sniffers

Posted on 2011-10-23
Last Modified: 2012-08-13
am running SQL Server 2008 over a Win 2008 server.

i think 1431 or near by no ports are used to TCP access to SQL Database.

how we can hide These ports from the Sniffer to even see them.

can something be done from Firewall or Server itself

Servers are in LAN zone it self and sniffer is also running on same switch
Question by:osloboy
    LVL 8

    Expert Comment

    Well it sounds like you are asking if you can block SQL service ports from being scanned on the same subnet as a port scanner?
    If so, this is exactly the relationship between security and access - the more access you have to a system, the less overall secure it will be.
    In terms of blocking the port from nodes on the same subnet, if you do NOT need network access to the SQL server (your accessing application is on the same server) you can disable network access to the service within SQL server.
    If you are wanting to block the 1431 port to outside the subnet than your router should be able to do this with ease

    Author Comment

    not SCAN, if i run TCP DUMP in Linux Server and try tp see traffic in and out from the SQL SERVER.

    point is can Admin stop Traffic track to appear in TCP DUMP.

    this SQL server is used by Web Users and few users access it though a customized APP locally
    LVL 8

    Accepted Solution

    So if I understand what your asking, you are wanting to know why the switch, which is supposed to route frames only to their destination, is allowing you to sniff packets from a location other than the destination?
    If so, its possible you are seeing broadcast packets perhaps

    Author Comment

    LAST LINE is nearer,

    if some one Sniff the traffic for my SQL Server, wish list, he can grab all traffic but not port 1433-34

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Occasionally there is a need to clean table columns, especially if you have inherited legacy data. There are obviously many ways to accomplish that, including elaborate UPDATE queries with anywhere from one to numerous REPLACE functions (even within…
    In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
    This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
    This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now