Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
cxormst
Starting Member
9 Posts |
 Posted - 2004-03-02 : 10:53:13
|
| We are in the process of setting up security for our new application.It will be accessed by some clients from the web. The web application is developed in asp.net framework. The web application requests data from our MS SQL server 2000 running on a combo server with MS W2K server. It then generates the reports for the clients.We need to tighten down traffic between our DMZ(web server) and the internal network( SQL server). What service ports are required to pass for Mixed mode authentication and SQL access?thanksChristian ormstrupcormstrup@tmi-canada.com |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2004-03-02 : 12:46:21
|
| You only need to open the port that SQL Server is listening on. Hopefully, it isn't 1433. If it is, change it! Then punch a hole in the firewall for this port.Tara |
 |
|
|
cxormst
Starting Member
9 Posts |
Posted - 2004-03-02 : 13:10:16
|
| Yes under properties-network configuration-TCP/IP is set to 1433What choices do I have (1434,1435 etc)and what effect will it have on our users and applications?Is there a way of defending the 1433 port? Maybe you know of a reference document that deals with this issue? |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2004-03-02 : 14:05:02
|
| You should never use 1433 in a DMZ environment. You can pick whatever port you want, but don't pick 1433 or 1434.The clients will need to know which port the SQL Server is listening on. A registry entry is made so that they point to it.Tara |
|
|
|
X002548
Not Just a Number
15586 Posts |
Posted - 2004-03-02 : 14:15:56
|
| Tara's saying that because they're the default ports and are a security risk...Brett8-) |
|
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2004-03-02 : 14:17:19
|
| http://sqlsecurity.com/DesktopDefault.aspxTara |
|
|
|
X002548
Not Just a Number
15586 Posts |
Posted - 2004-03-02 : 14:26:03
|
| Adding another site to the Fav's list..Thanks TaraBrett8-) |
|
|
|
cxormst
Starting Member
9 Posts |
Posted - 2004-03-02 : 14:26:52
|
| Thank you |
|
|
|
|
|
|
Application Service ports