Re: Is there any reason to use port 1433?

Han

Well you don't need to take all those hazels of passing port number, you can
configure sql server to use which ever port you want

To do that, if you are using sql 2000



Open sql server network utility under Microsoft SQL Server program group.

Select property of TCP/IP and change the port number there..



thats it , sql srever will start listining to that port


VT




"Han" <hp4444@xxxxxxxxxxxxxxxx> wrote in message
news:%23QvONA0KHHA.1424@xxxxxxxxxxxxxxxxxxxxxxx
Thank you for your quick reply, vt.

Yes, 1433 is one of well-known ports. So, what I am asking is, why you
should use the well-known port.

To now one problem I found giving up the 1433 is adding my own port number
to my connection strings.

server=server-name,10001; ...

That's just trivial pain compared with the freedom from lots of ridiculous
attacks. I hope the pain is all I should consider, but I am not sure...

"vt" <vinu.t.1976@xxxxxxxxx> wrote in message
news:uCgwesyKHHA.4992@xxxxxxxxxxxxxxxxxxxxxxx
Han

By default sql server uses tcp/ip 1433 port for communication. so it is
quite common to get attack on that port.


VT





"Han" <hp4444@xxxxxxxxxxxxxxxx> wrote in message
news:O3yHPmyKHHA.1280@xxxxxxxxxxxxxxxxxxxxxxx
Hello

I am new to SQL security.

Some days ago I happened to open my event log and found lots of attacks
have been going on to my SQL server 2005. Maybe for some months. I have
been using firewall and Windows integrated authentication. The attacks
might be not quite successful. Anyway, I changed the SQL server port
from 1433 to something another. Strikingly all the attacks have gone.
Now I am curious why they use port number 1433. Is there any reason to
use the port, benefit or something? Or is there any danger or caution to
use something other than 1433?







.

Relevant Pages

  • Re: What is the risk of having Port# 1433 opened ?
    ... you're vulnerable to denial of service attacks... ... If you NEED SQL Server to communicate over the public Internet ... > port and or ports opened on my servers, but that is normal, because all ... > villagers within my village and plus others who happen to pass by. ...
    (microsoft.public.sqlserver.security)
  • Re: ICMP (Ping)
    ... Actually, if they have the config wrong, and a sql server is servicing the ... yes most of the time they attack depending on what a port scan ... Captus Networks ... - Instantly Stop DoS/DDoS Attacks, ...
    (Security-Basics)
  • Re: Remote ODBC connection to SQL Server 2005 Exp.
    ... Using the port 1433 is not the only way to access a SQL-Server via tcp/ip: ... my IP address has to pass through their router. ... the SQL Server Configuration Manager, clicked on "SQL Server 2005 Network ...
    (microsoft.public.access.externaldata)
  • Re: Issuses installing MSDE 2000 SP3a on Windows XP SP2
    ... > Server drop list within SQL Server Service Manager. ... Server port, TCP/IP 1433, but usually it's port is dynamically assigned ... for further info on how configure SQL Server (MSDE) running on Win XP Pro sp ...
    (microsoft.public.sqlserver.msde)
  • [NT] Microsoft SQL Server 2000 Unauthenticated System Compromise
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Microsoft's database server SQL Server 2000 exhibits two buffer-overrun ... clients connecting to TCP port 1433 or both. ... This message is a single byte packet, ...
    (Securiteam)