Hiding SQL Server within your network

Windows servers "announce" their presence on local networks via NetBIOS by default, so any other computer configured with a domain browser (essentially the Computer Browser service) can see a server without knowing its IP address. If you're running SQL Server in an environment where you don't want people stumbling across the server and trying to access it, you should hide SQL Server as a precaution.

You have basically two options for hiding an instance of SQL Server from network discovery:

The NET CONFIG SERVER command removes the entire computer from the network browser list, not just an instance of SQL Server on that computer. If you type NET CONFIG SERVER /HIDDEN:YES at the command line for the server in question, the server will stop broadcasting announcements into the domain and it will eventually disappear from the Network Neighborhood of other computers in the domain. This is a good preventative measure if a SQL Server machine lives in a hosting center where it shares a network segment with other computers and you don't want it to advertise its presence to others. [Note: It will still be directly accessible if you know its TCP/IP address or its NetBIOS machine name.]

The second approach works only if SQL Server is accessed via TCP/IP (it will not work for named pipes). If you run the ...

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SQL Server Security Meet compliance requirements with improved database security practices Hardening the network and OS for SQL Server security Securing the server and database in SQL Server SQL Server security made simple and sensible Blog: Protect your databases from the internal threat Setting up SQL Server Service Broker for secure communication The keys to database backup protection for SQL Server Understanding transparent data encryption in SQL Server 2008 The fine line between not encrypting your databases and breach notification Securing SQL Server with access control, login monitoring and DDL triggers Database Management and Administration Meet compliance requirements with improved database security practices Hardening the network and OS for SQL Server security Securing the server and database in SQL Server How SQL Server 2008 components impact SharePoint implementations Troubleshooting Distributed Transaction Coordinator errors in SQL Server Achieving high availability and disaster recovery with SharePoint databases Clearing the Windows page file and its effect on server performance Deploying a SQL Server virtual appliance for Microsoft Hyper-V How to create SQL Server virtual appliances for Hyper-V Push vs. pull: Configuring SQL Server replication

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary data corruption  (SearchSQLServer.com) data hiding  (SearchSQLServer.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

SQL Server Network Utility, place TCP/IP in the "Enabled Protocols" list and click Properties. The pane that comes up will feature a checkbox labeled "Hide server." When that option is enabled, SQL Server will no longer respond to attempts to enumerate its presence via TCP/IP. This means, for instance, that if you run the Query Analyzer, the server name will not appear in the drop-down list of available servers.

One drawback to hiding SQL Server in TCP/IP involves running multiple instances of SQL Server on the same computer. The first instance to be brought online will bind to port 2433 (SQL Server's default listening port); the others will not be able to bind a port and will log an error.

About the author: Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check out his Windows 2000 blog for his latest advice and musings on the world of Windows network administrators – please share your thoughts as well!

More information from SearchSQLServer.com