Re: Firewall settings choices

From: Denny (mrdenny@gamespy.com)
Date: 02/05/03


From: "Denny" <mrdenny@gamespy.com>
Date: Wed, 5 Feb 2003 11:12:55 -0800


Fox,
Someone is deffently trying to get into your machine. It sounds like you
have auditing turned on, which is good. Setup your firewall to only allow
the web server to access TCP port 1433 on the SQL Server. Allow no other
access from the internet to the SQL Server. This will block the attempt to
connect to your SQL Server. This is the most secure option. sqlagent.exe
doesn't need access to anything, and nothing needs access to it.
sqlmangr.exe is the little icon in your systray that had the green arrow in
it (on the SQL Server). It needs access to nothing, and nothing needs
access to it. osql is a command program so that you can run queries against
the server from dos. It doesn't need access to anything, and nothing needs
access to it.

I hope this helps.

--
Denny Cherry
Database Administrator
GameSpy Industries
"Fox" <fox@connexions.net> wrote in message
news:#2ru7NTzCHA.1580@TK2MSFTNGP09...
> Hi,
>
> Being a noobie to SQL server, I need some simple advice.
> I need to choose access settings in my firewall for the
> following files.
>
> sqlservr.exe
> sqlmangr.exe
> sqlagent.exe
>
> Being on a small and simple server configuration, I actually
> use Zonealarm Pro and it works, no laughing please !
>
> I have a small lan and I am the only one who manages
> the server. The server is only accessed via a web site
> and it is only accessed for retrieving and storing DATA.
>
> The access choices are
> Access Out   ..... trusted    and or   Internet
> Server          ...... trusted    and or   Internet
>
> Any other advice, such as port limitations would be welcomed
> as well. If it matters port-wise, access is to the general public.
>
> Thanks,
> Fox
>
>