• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 342
  • Last Modified:

IP address outside of network trying to log onto SQL Server

I see a lot of these errors in the event log.  

Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: xx.xxx.xxx.xxx]

The ip address is not what is being logged, that value is from outside of our network, is there a port that I need to close to prevent this?  I don't understand where the request are coming from or how they are getting into the network.

We are running SQL Server 2008 r2 Workgroup and Server 2008 R2.  The data on SQL server is accessed by an IIS site
0
c7c4c7
Asked:
c7c4c7
1 Solution
 
Omid OmarkhailSenior Technical ConsultantCommented:
(I do hope you're behind a firewall)
Is the IP address the same every time? If the same, block that IP in your firewall. While there are many ways you can do within SQL server to assure that no one can access your server (i.e. Changing for mixed mode to integrated security, or Changing the name of 'SA' account, or simply having an extremely strong password).
Those things are really help you to stop the traffic from hitting your server.
0
 
Darkworld1000Commented:
0
 
David Johnson, CD, MVPOwnerCommented:
The easiest method to fix this is to open the firewall on the computer that holds the sql server and adjust the firewall to deny access from outside of your subnet or to specify the scope that is allowed and keep it within your subnet instead of any address.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Ramesh Babu VavillaCommented:
make rule in firewall so that connections can be acheived from the selected IP's only
0
 
c7c4c7Author Commented:
Yes, we have firewall.  There are specific rules allowing only certain IP's outside the network in, these access the IIS server.  No one else has access, I thought.  I
0
 
c7c4c7Author Commented:
Is there a specific port that is used to access SQL server outside of the firewall?
0
 
Ramesh Babu VavillaCommented:
by default sql server uses 1433 port .

run xp_readerrorlog in ssms to find out which isused by sql server
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now