Wednesday, March 7, 2012

Block Port 1433 on windows 2000 server

Hi
I have a question regarding the SQL Server(SQL Server 7) port 1433.
Some body is trying to hack into our Windows 2000 server through port
1433. Is there a way i can close this port? I tried using a tool
called Ipsecpol.exe ( Internet Protocol Security Policies Tool). But
when we run netstat, it still looks like they are able to connect to
the server using port 1433. Has anyone come across this problem? I
would appreciate it very much if somebody could send in any
suggestions regarding this.
Thanks,
Ann
IPSec can be used or a Personal Firewall.
813878 How to Block Specific Network Protocols and Ports by Using IPSec
http://support.microsoft.com/?id=813878
If this computer is on the internet it should be behind a firewall. By
default a firewall will block all incoming traffic, unless you specifically
allow it.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
|||The issue isn't really "closing ports" - it's blocking access to them.
Are you using ISA? If not, you need a firewall. I'd pick up a cheap and
cheerful firewall appliance - I like the NetGear FR114P.
Ann wrote:
> Hi
> I have a question regarding the SQL Server(SQL Server 7) port 1433.
> Some body is trying to hack into our Windows 2000 server through port
> 1433. Is there a way i can close this port? I tried using a tool
> called Ipsecpol.exe ( Internet Protocol Security Policies Tool). But
> when we run netstat, it still looks like they are able to connect to
> the server using port 1433. Has anyone come across this problem? I
> would appreciate it very much if somebody could send in any
> suggestions regarding this.
> Thanks,
> Ann
|||On 12 Jul 2004 14:56:40 -0700, nsajus@.yahoo.com (Ann) wrote:

>I have a question regarding the SQL Server(SQL Server 7) port 1433.
>Some body is trying to hack into our Windows 2000 server through port
>1433. Is there a way i can close this port?
Don't open it in your firewall. Or any other port you don't want
accessed.
Jeff
|||Hi
This sounds like your SQL Server is not behind the firewall or as the others
have suggested the firewall is not configured correctly.
How do you know someone is trying to access the SQL Server? If this is being
reported from the firewall then it may be because it is dropping it!!
If you are not using windows only authentication, then make sure that you
have a strong sa password.You could run the Microsoft Baseline Security
Analyzer http://www.microsoft.com/technet/sec.../mbsahome.mspx to
make sure it is configured sensibly. I would also look at running IIS
lockdown on any webserver
http://www.microsoft.com/security/gu...dtech/IIS.mspx
Check out the advice on:
http://www.microsoft.com/sql/techinf...ty/default.asp
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=24
John
"Ann" <nsajus@.yahoo.com> wrote in message
news:cca0635f.0407121356.55ef3590@.posting.google.c om...
> Hi
> I have a question regarding the SQL Server(SQL Server 7) port 1433.
> Some body is trying to hack into our Windows 2000 server through port
> 1433. Is there a way i can close this port? I tried using a tool
> called Ipsecpol.exe ( Internet Protocol Security Policies Tool). But
> when we run netstat, it still looks like they are able to connect to
> the server using port 1433. Has anyone come across this problem? I
> would appreciate it very much if somebody could send in any
> suggestions regarding this.
> Thanks,
> Ann
|||Hi Ann.
The easy one is to buy a firewall box from your local computer store
or If you are using a windows server 2003 use the firewall insite
windows server 2003 (ICF). Click on the link to see how to enable it.
http://www.microsoft.com/resources/d...e_firewall.asp
After you either buy a firewall box or enabled ICF on your server then
try this link:
- www.grc.com
- Click ShieldsUp
- Roll down to HOT SPOT and click again shieldsUp
- click proceed
- write 1433 in the text field and click "User Specified Custom Port
Probe"
- See if its stealth.
- You can then click common ports to see if the common ports are
stealth or click all service ports to see if other ports are
open...(The best is if every one are green and not red)
Hope you understand this and solve this problem..
Danni, MCP[vbcol=seagreen]
|||Sorry. i forgot it was a windows 2000 server. There is not a ICF.
You could also get a software firewall like ZoneAlarm? If the server
is in a big firm it mabye better with a firewall box.
Danni
|||On 13 Jul 2004 01:22:45 -0700, dev@.euro-consult.dk wrote:

>Sorry. i forgot it was a windows 2000 server. There is not a ICF.
>You could also get a software firewall like ZoneAlarm?
For home machines, that is fine, as would be the Sygate product. For
anything used 'in anger' this is a risky solution.

>If the server is in a big firm it mabye better with a firewall box.
In any situation where the data and system availability/integrity is
valuable, a hardware firewall solution is the only way to go.

No comments:

Post a Comment