Monday, March 26, 2012

named instances and sp3a - how to enable access?

As I understand it, the slammer virus took advantage of port 1434 which is e
nabled over udp for sql clients to find out the ports named instances are us
ing. If applying sp3a disables listening on port 1434, can named instances s
till be used? Do the ports
need to be known and hardcoded in advance?
TIA,
John BrownIn the Server network Utiliy simply choose a fixed port number, and the
clients would have to know the fixed port number to connect.
Or you could still use Dynamic ports, (the check box) and enable port 1434,
and the end user does NOT have to know the port number...
Wayne Snyder, MCDBA, SQL Server MVP
Computer Education Services Corporation (CESC), Charlotte, NC
www.computeredservices.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it's
community of SQL Server professionals.
www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F9DBE64E-3137-41B3-91D1-ECDFC0086B08@.microsoft.com...
> As I understand it, the slammer virus took advantage of port 1434 which is
enabled over udp for sql clients to find out the ports named instances are
using. If applying sp3a disables listening on port 1434, can named instances
still be used? Do the ports need to be known and hardcoded in advance?
> TIA,
> John Brown|||Thanks Wayne,
so if I enable 1434, does this open me up to the slammer virus still?
TIA,
John Brown|||SP3a fixes the exploit in the SQL Server Resolution Service used by Slammer,
it does not stop the server listening on UDP1434 as this is required for
resolving endpoints for named instances unless every client has the port
hard coded into a connection string or an alias in the client network
utlity. As long as you have SP3a applied you'll be okay but make sure that
port is still blocked on external firewalls.
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F5708C23-286E-49B6-88BC-4CD6C5F1C768@.microsoft.com...
> Thanks Wayne,
> so if I enable 1434, does this open me up to the slammer virus still?
> TIA,
> John Brown
Posted by congestionlzxr at 8:31 AM
Labels: , , , , , , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)