I checked my SQL Server 2008R2 log in Log File Viewer and found out that someone from China keeps trying to login as 'SA' all the time, but failed of course.
Is there anyway to prevent these hackers attacking my server?
Thanks in advance.
Asked
Active
Viewed 1,123 times
2 Answers
6
Use firewalls - why on earth is that port (or any ports on an SQL server) open to the rest of the world?
Most business have multiple network tiers;
- start with a firewalled/load-balanced web tier which has a firewall between it and the application tier allowing just the specific IPs and ports of known web servers in the web tier to talk to specific application servers in the application tier.
- the application tier can only talk to specific IPs and ports in the web tier and can only talk to the DB server, again firewalled, by IP and port.
- the DB tier which again is firewalled and only allowed to talk to the application tier servers by IP and port.
Some (myself included) also have a secure tier behind the DB tier to handle any data that's particularly sensitive or contractually has to be more secure.
This is a model used extensively and generally proves to be very safe. The idea of exposing your SQL management port outside literally made my spine shiver, please stop this or you WILL be back looking for THIS.
2
Put a firewall in front of it with address restrictions. If you absolutely need the SQL server to be public facing and open to the Internet then you're going to have to work to keep it secured. If all you are doing is running web sites off of them then it should be easy to lock it down to just the addresses of your web server(s).
Better yet, put a firewall in front of your SQL server and your web servers and only allow incoming connections to your web servers.
squillman
- 38,163