In order to protect from 'slammer' kind of virus, we are
planning to block UDP Port 1434 on all gateways. Named
instances seem to rely on UDP Port 1434. Since TCP port
the sql instance is listening on can be re-assigned, Can
we reassign the UDP port 1434 as well? Any input will be
appreciated. Thank you!No. You can use client aliases to enable clients to resolve named instance
network endpoints
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"Wayne" <anonymous@.discussions.microsoft.com> wrote in message
news:15ca401c41699$7b2a65c0$a301280a@.phx
.gbl...
> In order to protect from 'slammer' kind of virus, we are
> planning to block UDP Port 1434 on all gateways. Named
> instances seem to rely on UDP Port 1434. Since TCP port
> the sql instance is listening on can be re-assigned, Can
> we reassign the UDP port 1434 as well? Any input will be
> appreciated. Thank you!
>|||We are talking about thousands of clients and I am not
sure all applications support the use of aliases. Is there
an easy way out? Will the use of Proxy Server be a better
choice? Thanks for your input!
>--Original Message--
>No. You can use client aliases to enable clients to
resolve named instance
>network endpoints
>--
>HTH
>Jasper Smith (SQL Server MVP)
>I support PASS - the definitive, global
>community for SQL Server professionals -
>http://www.sqlpass.org
>
>"Wayne" <anonymous@.discussions.microsoft.com> wrote in
message
> news:15ca401c41699$7b2a65c0$a301280a@.phx
.gbl...
>
>.
>|||Not sure if this is of use to you. But still... You can configure SQL Server
to Listen on multiple ports. Refer to the KB article :
http://support.microsoft.com/defaul...kb;en-us;294453 for further
information.
HTH,
Vinod Kumar
MCSE, DBA, MCAD, MCSD
http://www.extremeexperts.com
Books Online for SQL Server SP3 at
http://www.microsoft.com/sql/techin.../2000/books.asp
"Wayne" <anonymous@.discussions.microsoft.com> wrote in message
news:15eb901c416ab$59b613a0$a501280a@.phx
.gbl...
> We are talking about thousands of clients and I am not
> sure all applications support the use of aliases. Is there
> an easy way out? Will the use of Proxy Server be a better
> choice? Thanks for your input!
>
> resolve named instance
> message
Showing posts with label protect. Show all posts
Showing posts with label protect. Show all posts
Sunday, March 11, 2012
Blocking UDP Port 1434
In order to protect from 'slammer' kind of virus, we are
planning to block UDP Port 1434 on all gateways. Named
instances seem to rely on UDP Port 1434. Since TCP port
the sql instance is listening on can be re-assigned, Can
we reassign the UDP port 1434 as well? Any input will be
appreciated. Thank you!Don't know that you can change the SQL Server Resolution
Service running on UDP port 1434. However, you can still
connect without using the resolution service as long as the
client knows the port to go through. You don't have to HAVE
to go through UDP 1434 to connect to a named instance.
-Sue
On Tue, 30 Mar 2004 12:55:25 -0800, "Wayne"
<anonymous@.discussions.microsoft.com> wrote:
>In order to protect from 'slammer' kind of virus, we are
>planning to block UDP Port 1434 on all gateways. Named
>instances seem to rely on UDP Port 1434. Since TCP port
>the sql instance is listening on can be re-assigned, Can
>we reassign the UDP port 1434 as well? Any input will be
>appreciated. Thank you!|||Thank you, Sue, for the input. I thought for named
instances, tcp ports can be coded on server and clients,
but NOT UDP port 1434. The following is what I get from
BOL. If it can be done without using UDP port 1434, how
should I configure the client to go through gateways?
'Have the network administrator configure the firewall to
forward the IP address and TCP port the instance of SQL
Server is listening on (using either 1433 for a default
instance, or the TCP port you configured a named instance
to listen on). Also configure the firewall to forward
requests for UDP port 1434 on the same IP address. SQL
Server 2000 uses UDP port 1434 to establish communications
links from applications.'
--
>--Original Message--
>Don't know that you can change the SQL Server Resolution
>Service running on UDP port 1434. However, you can still
>connect without using the resolution service as long as
the
>client knows the port to go through. You don't have to
HAVE
>to go through UDP 1434 to connect to a named instance.
>-Sue
>On Tue, 30 Mar 2004 12:55:25 -0800, "Wayne"
><anonymous@.discussions.microsoft.com> wrote:
>
>.
>|||You can use the client network utility to set up an alias and specify the
port or you can specify it in a connection string
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
<anonymous@.discussions.microsoft.com> wrote in message
news:115da01c416a0$77cbcd40$a001280a@.phx
.gbl...
> Thank you, Sue, for the input. I thought for named
> instances, tcp ports can be coded on server and clients,
> but NOT UDP port 1434. The following is what I get from
> BOL. If it can be done without using UDP port 1434, how
> should I configure the client to go through gateways?
> --
> 'Have the network administrator configure the firewall to
> forward the IP address and TCP port the instance of SQL
> Server is listening on (using either 1433 for a default
> instance, or the TCP port you configured a named instance
> to listen on). Also configure the firewall to forward
> requests for UDP port 1434 on the same IP address. SQL
> Server 2000 uses UDP port 1434 to establish communications
> links from applications.'
> --
>
> the
> HAVE|||Like Jasper said...you can code the port in the connection
or use an alias
Just to add a little clarification for you,
UDP 1434 is used to find the port number for the instance.
It's not used by the SQL Server instance or directly by
clients to connect to SQL Server. It's just to enumerate the
instances on a server and find the listening port for the
specific instance.
If you try to connect to SomeServer\MyNamedInstance and
that's what you specify for the connection, it hits UDP 1434
to use the SQL Server Resolution Service to find what port
number SomeServer\MyNamedInstance is listening on. You can
bypass that by specifying the port yourself and then there
is no need to go through UDP 1434.
-Sue
On Tue, 30 Mar 2004 13:46:33 -0800,
<anonymous@.discussions.microsoft.com> wrote:
>Thank you, Sue, for the input. I thought for named
>instances, tcp ports can be coded on server and clients,
>but NOT UDP port 1434. The following is what I get from
>BOL. If it can be done without using UDP port 1434, how
>should I configure the client to go through gateways?
>--
>'Have the network administrator configure the firewall to
>forward the IP address and TCP port the instance of SQL
>Server is listening on (using either 1433 for a default
>instance, or the TCP port you configured a named instance
>to listen on). Also configure the firewall to forward
>requests for UDP port 1434 on the same IP address. SQL
>Server 2000 uses UDP port 1434 to establish communications
>links from applications.'
>--
>
>the
>HAVE|||THANK YOU for the clarification. I guess there is no easy
way out but to hardcode each client with a specific port
number if UDP 1434 is blocked. It would be nice if the
enumeration port UDP 1434 can be changed...
>--Original Message--
>Like Jasper said...you can code the port in the connection
>or use an alias
>Just to add a little clarification for you,
>UDP 1434 is used to find the port number for the instance.
>It's not used by the SQL Server instance or directly by
>clients to connect to SQL Server. It's just to enumerate
the
>instances on a server and find the listening port for the
>specific instance.
>If you try to connect to SomeServer\MyNamedInstance and
>that's what you specify for the connection, it hits UDP
1434
>to use the SQL Server Resolution Service to find what port
>number SomeServer\MyNamedInstance is listening on. You can
>bypass that by specifying the port yourself and then there
>is no need to go through UDP 1434.
>-Sue
>On Tue, 30 Mar 2004 13:46:33 -0800,
><anonymous@.discussions.microsoft.com> wrote:
>
to
instance
communications
are
port
Can
be
>.
>|||I have tow laptops and accessing the server as SomeServer\MyNamedInstance. O
ne laptop goes directly to port 1433, the other one goes to port 1434 first
and fails to connect. Where is this option which makes the second laptop go
to port 1434 first?
Posted using Wimdows.net NntpNews Component -
Post Made from http://www.SqlJunkies.com/newsgroups Our newsgroup engine sup
ports Post Alerts, Ratings, and Searching.
planning to block UDP Port 1434 on all gateways. Named
instances seem to rely on UDP Port 1434. Since TCP port
the sql instance is listening on can be re-assigned, Can
we reassign the UDP port 1434 as well? Any input will be
appreciated. Thank you!Don't know that you can change the SQL Server Resolution
Service running on UDP port 1434. However, you can still
connect without using the resolution service as long as the
client knows the port to go through. You don't have to HAVE
to go through UDP 1434 to connect to a named instance.
-Sue
On Tue, 30 Mar 2004 12:55:25 -0800, "Wayne"
<anonymous@.discussions.microsoft.com> wrote:
>In order to protect from 'slammer' kind of virus, we are
>planning to block UDP Port 1434 on all gateways. Named
>instances seem to rely on UDP Port 1434. Since TCP port
>the sql instance is listening on can be re-assigned, Can
>we reassign the UDP port 1434 as well? Any input will be
>appreciated. Thank you!|||Thank you, Sue, for the input. I thought for named
instances, tcp ports can be coded on server and clients,
but NOT UDP port 1434. The following is what I get from
BOL. If it can be done without using UDP port 1434, how
should I configure the client to go through gateways?
'Have the network administrator configure the firewall to
forward the IP address and TCP port the instance of SQL
Server is listening on (using either 1433 for a default
instance, or the TCP port you configured a named instance
to listen on). Also configure the firewall to forward
requests for UDP port 1434 on the same IP address. SQL
Server 2000 uses UDP port 1434 to establish communications
links from applications.'
--
>--Original Message--
>Don't know that you can change the SQL Server Resolution
>Service running on UDP port 1434. However, you can still
>connect without using the resolution service as long as
the
>client knows the port to go through. You don't have to
HAVE
>to go through UDP 1434 to connect to a named instance.
>-Sue
>On Tue, 30 Mar 2004 12:55:25 -0800, "Wayne"
><anonymous@.discussions.microsoft.com> wrote:
>
>.
>|||You can use the client network utility to set up an alias and specify the
port or you can specify it in a connection string
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
<anonymous@.discussions.microsoft.com> wrote in message
news:115da01c416a0$77cbcd40$a001280a@.phx
.gbl...
> Thank you, Sue, for the input. I thought for named
> instances, tcp ports can be coded on server and clients,
> but NOT UDP port 1434. The following is what I get from
> BOL. If it can be done without using UDP port 1434, how
> should I configure the client to go through gateways?
> --
> 'Have the network administrator configure the firewall to
> forward the IP address and TCP port the instance of SQL
> Server is listening on (using either 1433 for a default
> instance, or the TCP port you configured a named instance
> to listen on). Also configure the firewall to forward
> requests for UDP port 1434 on the same IP address. SQL
> Server 2000 uses UDP port 1434 to establish communications
> links from applications.'
> --
>
> the
> HAVE|||Like Jasper said...you can code the port in the connection
or use an alias
Just to add a little clarification for you,
UDP 1434 is used to find the port number for the instance.
It's not used by the SQL Server instance or directly by
clients to connect to SQL Server. It's just to enumerate the
instances on a server and find the listening port for the
specific instance.
If you try to connect to SomeServer\MyNamedInstance and
that's what you specify for the connection, it hits UDP 1434
to use the SQL Server Resolution Service to find what port
number SomeServer\MyNamedInstance is listening on. You can
bypass that by specifying the port yourself and then there
is no need to go through UDP 1434.
-Sue
On Tue, 30 Mar 2004 13:46:33 -0800,
<anonymous@.discussions.microsoft.com> wrote:
>Thank you, Sue, for the input. I thought for named
>instances, tcp ports can be coded on server and clients,
>but NOT UDP port 1434. The following is what I get from
>BOL. If it can be done without using UDP port 1434, how
>should I configure the client to go through gateways?
>--
>'Have the network administrator configure the firewall to
>forward the IP address and TCP port the instance of SQL
>Server is listening on (using either 1433 for a default
>instance, or the TCP port you configured a named instance
>to listen on). Also configure the firewall to forward
>requests for UDP port 1434 on the same IP address. SQL
>Server 2000 uses UDP port 1434 to establish communications
>links from applications.'
>--
>
>the
>HAVE|||THANK YOU for the clarification. I guess there is no easy
way out but to hardcode each client with a specific port
number if UDP 1434 is blocked. It would be nice if the
enumeration port UDP 1434 can be changed...
>--Original Message--
>Like Jasper said...you can code the port in the connection
>or use an alias
>Just to add a little clarification for you,
>UDP 1434 is used to find the port number for the instance.
>It's not used by the SQL Server instance or directly by
>clients to connect to SQL Server. It's just to enumerate
the
>instances on a server and find the listening port for the
>specific instance.
>If you try to connect to SomeServer\MyNamedInstance and
>that's what you specify for the connection, it hits UDP
1434
>to use the SQL Server Resolution Service to find what port
>number SomeServer\MyNamedInstance is listening on. You can
>bypass that by specifying the port yourself and then there
>is no need to go through UDP 1434.
>-Sue
>On Tue, 30 Mar 2004 13:46:33 -0800,
><anonymous@.discussions.microsoft.com> wrote:
>
to
instance
communications
are
port
Can
be
>.
>|||I have tow laptops and accessing the server as SomeServer\MyNamedInstance. O
ne laptop goes directly to port 1433, the other one goes to port 1434 first
and fails to connect. Where is this option which makes the second laptop go
to port 1434 first?
Posted using Wimdows.net NntpNews Component -
Post Made from http://www.SqlJunkies.com/newsgroups Our newsgroup engine sup
ports Post Alerts, Ratings, and Searching.
Subscribe to:
Posts (Atom)