Etiquetas

, , ,

How some of you know the default instances of SQL Server 2008 R2 use by default the port TCP 1433, this means that when someone want to attack a instance of SQL Server already know for what port to start. The good news is that we can change the port that will be used by our SQL Server instances and use other port that doesn’t be in use for other application.

The same thing occur with the port UDP 1434 that is used for SQL Server through the SQL Server Browser Service, this port also can be change for other one  whenever this isn’t in use for other application.

To do that, we need to fallow the next steps:

    1. Go to SQL Server Configuration Manager and select SQL Server Network Configuration, this will display the different instance that has been created.
    2. Select the instance you want to change the port, and then select TCP/IP.
    3. In TCP/IP properties windows, select the tab IP Addresses.
    4. Go to the section IP ALL and change the TCP/IP port from 1433 to other value like 4000, the blank value in TCP Dynamic Port indicated that Dynamic ports won’t be used. 
    5. Close the SQL Server Configuration Manager and restart the services.
The next thing you need to do is allow the new port (ex: 4000) in the Server Firewall and block the port 1433.

To do that, we need to fallow the next steps:

1.Open the windows firewall
2.Go to advanced settings

3.In the Windows Firewall with Advanced Security windows, right click over inbound rules and then select new rule.
4.Fallow the wizard as show the images.

5.You will need to fallow the same steps for every port you want to block.
6.Also and VERY IMPOPTAND you need to allow the new port in the firewall, in this example the port 4000.

The last thing you will need to do is create an alias for the server

To do that, we need to fallow the next steps:

Go to SQL Server Configuration Manager and select SQL Native Client 10.0 Configuration.

1.Right click over Alias and then select new alias.
2.Indicate the alias name, port number (ex: 4000) and the name of the server
3.Click OK.
That’s all, with this technique your SQL Server will be more secure.