Hi,
I need to disable named pipes in a SQL Cluster environment (Windows 2000 and
SQL 2000 latest SP). Here is the scenario:
Our security policy requires me to secure my production SQL Server (Virtual
SQL Cluster name=SQL01) by disabling any access to SQL Server except access
from application server. I implemented this security in UAT (Non clustered )
by creating an IPSEC filter and disabling Named Pipes on SQL Server. In one
IPSEC filter, All IP Traffic to port 1433 is blocked. In another filter,
traffic from application server IP Address is permitted. This configuration
worked fine in UAT.
When I promoted the same IPSEC policy to production (both nodes
active-passive), I noticed that I can't disable Named Pipes in cluster
environment. Is there any work around this?
Can I change default pipe for Named Pipe in order to block SQL connections
coming from default pipe?
Do you have any better suggestion to secure SQL Server?
ThanksThis was an update in sp3 that was not well documented. After installing
sp3, you can't remove Named Pipes on a Cluster. If Named Pipes was
previously removed (prior to sp3) , then it will not add it back.
We experienced numerous customer problems where the server would not come
online, and it was only listening on tcp. Here's the full reference in the
kb.
831127 Named Pipes Support Cannot Be Removed on a Virtual Server That Is
http://support.microsoft.com/?id=831127
My recommendation would be to use ISA server and publish the SQL Server.
This will allow you to only publish the TCP netlib.
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Monday, March 26, 2012
Monday, March 19, 2012
Mysterious SQL Server Dropping Tables
We had just setup MS SQL 2000 (SP3), running on Windows 2000 (SP4). Both SQL
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
Steven Ung
"The source of all greatness lies within you" - Anonymous
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
Steven Ung
"The source of all greatness lies within you" - Anonymous
Mysterious SQL Server Dropping Tables
We had just setup MS SQL 2000 (SP3), running on Windows 2000 (SP4). Both SQL
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> > This is a newly setup server but we're observing the tables in the SQL
> > server dropping out of no apparent reason. A check on the actual data
> > directory we found that the database .LDF is missing and the EM marks it
> > as
> > 'suspect'.
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
--
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> > This is a newly setup server but we're observing the tables in the SQL
> > server dropping out of no apparent reason. A check on the actual data
> > directory we found that the database .LDF is missing and the EM marks it
> > as
> > 'suspect'.
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
--
Steven Ung
"The source of all greatness lies within you" - Anonymous
Mysterious SQL Server Dropping Tables
We had just setup MS SQL 2000 (SP3), running on Windows 2000 (SP4). Both SQL
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
Steven Ung
"The source of all greatness lies within you" - Anonymous
> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
Steven Ung
"The source of all greatness lies within you" - Anonymous
and Windows2000 Server has been patched with all security updates as per
Microsoft websites.
On the server PC, it is also running Norton Antivirus Corporate Edition 7.6
with the latest AV definition. I've also lost count of how many times we
scan the server for virus but none were found.
This is a newly setup server but we're observing the tables in the SQL
server dropping out of no apparent reason. A check on the actual data
directory we found that the database .LDF is missing and the EM marks it as
'suspect'.
What kind of information should I provide in order to further trouble shoot
this problem?
Since this is a test server we're only running it on 2 x 80GB IDE harddisk
and as far as I can tell there is no bad sectors found. Has anyone encounter
anything of such? Please help. TQ.
Steven Ung
"The source of all greatness lies within you" - Anonymous
> This is a newly setup server but we're observing the tables in the SQL
> server dropping out of no apparent reason. A check on the actual data
> directory we found that the database .LDF is missing and the EM marks it
> as
> 'suspect'.
The tables, or the log file? Sounds like both are happening. Once you get
the system back where it should be, you might want to use a program like
filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
process is accessing the LDF file.
Aaron Bertrand
SQL Server MVP
http://www.aspfaq.com/
|||"Aaron Bertrand [MVP]" <aaron@.TRASHaspfaq.com> wrote in message
news:ulucZdfHEHA.2876@.TK2MSFTNGP09.phx.gbl...
> The tables, or the log file? Sounds like both are happening.
Both, but the tables are the ones dropping/missing first.
Does drive caching has anything to do with it? The Windows Event Log
complaints that drive cache is disabled. I've temporary enable it and still
checking the results. But since no one has had this problem before, I'm not
certain of whether this is the solution or what is causing the tables to
drop or go missing.
> Once you get
> the system back where it should be, you might want to use a program like
> filemon (http://www.sysinternals.com/ntw2k/utilities.shtml) to see what
> process is accessing the LDF file.
I've downloaded the utility but could not find any process out of the
extraordinary.
Steven Ung
"The source of all greatness lies within you" - Anonymous
Mysterious login failure error message in log-shipping
Hi I posted this a few days ago in SQL Server Security forum and at Raul Garcia's suggestion (thanks Raul for your help), I post my question here again to see whether I can be lucky enough to find a super guru to help me out.
I get the following error messages in the sql server error log
Source Logon
Message
Error: 18456, Severity: 14, State: 11.
and
Source Logon
Message
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [CLIENT: 185.23.11.33]
(note: 185.23.11.33 is the ip addr of the source server, i.e. node 1 in the two node clustered environment)
The scenario is: We set up log-shipping (LS) between a clustered sql server system (source server) and a stand-alone sql server box (target server). (SQL Server 2K5 EE + SP1 and OS is Win2K3 + SP1), and LS goes very well, but on the target server, we found the above-mentioned error messages. The messages seem in synchronization with Log shipping because we setup log shipping cycle at 10 minutes (from 12:00:00 am to 11:59:00pm), and I can see every 10 minutes, for example at 12:10:00am, the login failure errors occur in the target server's sql server error log, and then not appear until 12:20:00am.
BTW: the two servers are in the same domain.
Thanks in advance for your help ...
Jeff
Very much a case of delegation problem in linked server. Please take a look at Nan Tu's blog for an excellent info.http://blogs.msdn.com/sql_protocols/archive/2006/08/10/694657.aspx|||
Thanks oj, you are my hero...
I believe it is true as I can find there is a linked server on my source server that points to the target server, where the error message is logged. But just curious why SQL Server automatically set up a linked server for log shipping.
|||Logshipping is functional through linked server. It's by design.If you use built-in logshipping, the wizard will create the linked server for you. If you set up log shipping by hand (when you run on Standard edition), you will have to setup the linked server yourself.
Mysterious login failure error message in log-shipping
Hi I posted this a few days ago in SQL Server Security forum and at Raul Garcia's suggestion (thanks Raul for your help), I post my question here again to see whether I can be lucky enough to find a super guru to help me out.
I get the following error messages in the sql server error log
Source Logon
Message
Error: 18456, Severity: 14, State: 11.
and
Source Logon
Message
Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [CLIENT: 185.23.11.33]
(note: 185.23.11.33 is the ip addr of the source server, i.e. node 1 in the two node clustered environment)
The scenario is: We set up log-shipping (LS) between a clustered sql server system (source server) and a stand-alone sql server box (target server). (SQL Server 2K5 EE + SP1 and OS is Win2K3 + SP1), and LS goes very well, but on the target server, we found the above-mentioned error messages. The messages seem in synchronization with Log shipping because we setup log shipping cycle at 10 minutes (from 12:00:00 am to 11:59:00pm), and I can see every 10 minutes, for example at 12:10:00am, the login failure errors occur in the target server's sql server error log, and then not appear until 12:20:00am.
BTW: the two servers are in the same domain.
Thanks in advance for your help ...
Jeff
Very much a case of delegation problem in linked server. Please take a look at Nan Tu's blog for an excellent info.http://blogs.msdn.com/sql_protocols/archive/2006/08/10/694657.aspx|||
Thanks oj, you are my hero...
I believe it is true as I can find there is a linked server on my source server that points to the target server, where the error message is logged. But just curious why SQL Server automatically set up a linked server for log shipping.
|||Logshipping is functional through linked server. It's by design.If you use built-in logshipping, the wizard will create the linked server for you. If you set up log shipping by hand (when you run on Standard edition), you will have to setup the linked server yourself.
Subscribe to:
Posts (Atom)