Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
AskSQLTeam
Ask SQLTeam Question
0 Posts |
 Posted - 2006-01-11 : 08:11:37
|
| Jeyadev writes "I am using public IP which I mapped into private IP like 192.168.0.200 using Router. please tell me which port should be opened to access my sql database from my branch office located at another city." |
|
|
AndrewMurphy
Master Smack Fu Yak Hacker
2916 Posts |
Posted - 2006-01-11 : 08:56:33
|
| We can't because that would be local to your configuration...your sysadmin should be able to tell you....BUT a lot of SQL seems to work on port 1433...(which causes simple security holes for hackers to exploit) |
 |
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-11 : 12:19:38
|
| Yes MS SQL listens on port 1433, but what is the security hole Andrew? |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2006-01-11 : 13:13:38
|
| If your SQL server is connected to the Internet, it's usually best to make it run on a non-standard port. This will help prevent worms from attacking your SQL server. There was a worm a year or so ago that attacked SQL server's that were connected to the Internet running on teh default port. If you were running on a non-standard port, then you were ok.With all of that being said, I don't think I'd put my SQL server on the Internet, unless there was a VPN between the clients and the SQL server.Michael<Yoda>Use the Search page you must. Find the answer you will. Cursors, path to the Dark Side they are. Avoid them, you must. Use Order By NewID() to get a random record you will.</Yoda> |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-11 : 13:24:29
|
| hi Michael,sounds scary, cos we have one of our main MS SQL server database running on the internet without no VPN, this was recommended by our hosting provider. We run port 1433Any advice? |
|
|
|
MichaelP
Jedi Yak
2489 Posts |
Posted - 2006-01-11 : 14:33:05
|
| Well, Do you really need your SQL accessed by machines not on the same physical network as your SQL server? If not, then I'd put the SQL server on a 192.168.*.* network behind a firewall so as to keep the baddies out of it.If you must access it through the Internet, I'd reccomend that you at least change the port that SQL server listens on. This will require a change at all of your clients that connect to your SQL server, so this is probably not going to be easy for your to impliement on a production system.I don't have experience with putting SQL servers "on the Internet" because all the ones I deal with are on a non-routable IP (192.168.*.*), so I suggest you do some more researching into encyrpting the SQL server connection, changing the ports, impliementing VPN, etc.Michael<Yoda>Use the Search page you must. Find the answer you will. Cursors, path to the Dark Side they are. Avoid them, you must. Use Order By NewID() to get a random record you will.</Yoda> |
|
|
|
afrika
Master Smack Fu Yak Hacker
2706 Posts |
Posted - 2006-01-11 : 18:51:02
|
| Oh you got me worried for a minute.Yes, our db is behind a firewall and runs on a proxy IP which is in the 10.2.1.17 series and can only be accessed by the sub domain name resolution.our provider left the default port of 1433.thanks for the advice |
|
|
|
|
|
|
|
|
WAN Implimentation of sql server