October 9, 2014 at 8:29 am
Recently I saw many login attacks on my SQL Server; it ate up resources like anything.
For the time being I have disabled remote connections for my SQL Server,
but I have other servers that connect to my SQL Server, and I want only them to be able to connect to SQL Server, with all the rest denied.
How can I do that
in SQL Server 2008 Web Edition R2?
<a href="http://www.websolsoftware.com"> For IT jobs click here</a>
*Sukhoi*
October 9, 2014 at 8:35 am
That's something you'd configure within the firewall. Speak to your network admin or ISP's network people.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
October 9, 2014 at 8:46 am
I tried the firewall, but I didn't seem to find any option to allow only specific IPs and block all others for ports 1433, 1434.
*Sukhoi*
October 9, 2014 at 8:48 am
Speak to your network admin. Denying all IPs but for a range is something all firewalls should be able to do.
Gail Shaw
October 9, 2014 at 8:53 am
I am the admin. I did create 2 rules, one allowing specific IPs and the other blocking connections to 1433, 34. Any idea? It's not working;
it's blocking all connections.
Using Windows Firewall advanced settings.
*Sukhoi*
October 9, 2014 at 8:58 am
When I said speak to the network admin, I meant the person who knows their way around networking and firewalls.
I am not a network admin, I don't know firewalls well, I can't tell you how to configure it. Speak with whoever the network/firewall specialist there is.
Gail Shaw
October 9, 2014 at 9:01 am
I am using Windows Firewall with Advanced Settings.
It only provides three options:
allow the connection
allow the connection if it is secure
block the connection
Where is the option to allow only from a specific IP?
*Sukhoi*
October 9, 2014 at 9:05 am
Custom rule -> Scope
Gail Shaw
October 9, 2014 at 9:10 am
Still 3 options:
allow the connection
allow the connection if it is secure
block the connection
Now if I choose allow for an IP, then will it allow that IP?
*Sukhoi*
October 9, 2014 at 9:13 am
Yes, still only three options for what to do with the connection, but on the scope page you set what IP addresses the rule applies to.
Please, get someone who knows their way around network security to help you configure this.
Gail Shaw
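The scoped allow rule described in the reply above, written out with `netsh advfirewall` as an added example that is not part of any post in this thread. It assumes Windows Firewall is on with the default inbound action set to block; the IP addresses and rule names are constructed sample values. Because a block rule takes precedence over every allow rule in Windows Firewall, the "allow some, block all" pair of rules blocks everyone, so the deny-all has to come from the default inbound policy instead.

```powershell
# Added example. Run from an elevated PowerShell prompt on the SQL Server host.
# Constructed sample values: TEST-NET addresses and made-up rule names.
$AllowedIPs  = @('192.0.2.10', '192.0.2.11')
$RuleName    = 'SQL-1433-AppServers'
$BrowserRule = 'SQL-1434-Browser-AppServers'
$RemoteArg   = "remoteip=$($AllowedIPs -join ',')"

# 1. The firewall must be on, with an inbound default of BlockInbound.
#    That default is what denies every address not named in an allow rule.
netsh advfirewall show allprofiles state
netsh advfirewall show allprofiles firewallpolicy

# 2. List existing inbound rules that mention port 1433 or 1434.
#    Delete or disable any Block rule on these ports (it overrides the
#    scoped allow rule) and any Allow rule whose RemoteIP is "Any"
#    (it lets every address through).
netsh advfirewall firewall show rule name=all dir=in |
    Select-String -Pattern 'LocalPort:.*\b143[34]\b' -Context 9,3

# 3. One allow rule for the database engine, scoped to the listed addresses.
netsh advfirewall firewall add rule name=$RuleName dir=in action=allow protocol=TCP localport=1433 $RemoteArg

#    SQL Server Browser listens on UDP 1434; add this only if clients need it.
netsh advfirewall firewall add rule name=$BrowserRule dir=in action=allow protocol=UDP localport=1434 $RemoteArg

# 4. Check that RemoteIP on the new rule lists only the intended addresses.
netsh advfirewall firewall show rule name=$RuleName verbose
```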
October 9, 2014 at 9:18 am
No one here; I am the only one who will have to fix it. I cannot find any tutorials on the net; Windows Firewall should have a proper simple thing.
I allow that IP, but it doesn't block all the IPs.
That allow rule is for a particular IP, great,
but what about blocking other IPs?
*Sukhoi*
October 9, 2014 at 9:59 am
If you can't do it the right way, you could try an alternative.
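This trigger needs a table to store the allowed IPs. Be sure of what you're doing or you could end up messing everything up.
-- Logon trigger: rolls back (rejects) any session whose client address
-- is not listed in master.dbo.Allowed_IPS.
-- The query runs as the connecting login, so that login needs VIEW SERVER STATE
-- (for sys.dm_exec_connections) and SELECT on the table; without them the
-- trigger fails and the login is refused.
-- Local shared-memory connections report client_net_address as '<local machine>'.
CREATE TRIGGER [IPs_Restricted]
ON ALL SERVER
FOR LOGON
AS
IF NOT EXISTS (
    SELECT 1
    FROM sys.dm_exec_connections c
    JOIN master.dbo.Allowed_IPS i ON c.client_net_address = i.IP
    WHERE c.session_id = @@SPID
)
    ROLLBACK;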
October 9, 2014 at 10:06 am
Luis Cazares (10/9/2014)
If you can't do it the right way, you could try an alternative.
Won't help here. Login triggers only fire if the login was successful, they're not going to block the stream of failed login attempts against the admin accounts that you get as soon as a SQL instance is exposed to the internet without any IP filtering (please don't ask me how I know about these)
Gail Shaw
October 9, 2014 at 10:15 am
GilaMonster (10/9/2014)
please don't ask me how I know about these
I won't, it sounds like an awful nightmare for the person in charge.
I wasn't expecting that someone would expose their SQL instance to the internet. :crazy:
October 9, 2014 at 10:19 am
Luis Cazares (10/9/2014)
I wasn't expecting that someone would expose their SQL instance to the internet. :crazy:
I suspect that's the situation that the OP is in. 🙁
Gail Shaw