As I understand it, the slammer virus took advantage of port 1434 which is e
nabled over udp for sql clients to find out the ports named instances are us
ing. If applying sp3a disables listening on port 1434, can named instances s
till be used? Do the ports
need to be known and hardcoded in advance?
TIA,
John BrownIn the Server network Utiliy simply choose a fixed port number, and the
clients would have to know the fixed port number to connect.
Or you could still use Dynamic ports, (the check box) and enable port 1434,
and the end user does NOT have to know the port number...
Wayne Snyder, MCDBA, SQL Server MVP
Computer Education Services Corporation (CESC), Charlotte, NC
www.computeredservices.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it's
community of SQL Server professionals.
www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F9DBE64E-3137-41B3-91D1-ECDFC0086B08@.microsoft.com...
> As I understand it, the slammer virus took advantage of port 1434 which is
enabled over udp for sql clients to find out the ports named instances are
using. If applying sp3a disables listening on port 1434, can named instances
still be used? Do the ports need to be known and hardcoded in advance?
> TIA,
> John Brown|||Thanks Wayne,
so if I enable 1434, does this open me up to the slammer virus still?
TIA,
John Brown|||SP3a fixes the exploit in the SQL Server Resolution Service used by Slammer,
it does not stop the server listening on UDP1434 as this is required for
resolving endpoints for named instances unless every client has the port
hard coded into a connection string or an alias in the client network
utlity. As long as you have SP3a applied you'll be okay but make sure that
port is still blocked on external firewalls.
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F5708C23-286E-49B6-88BC-4CD6C5F1C768@.microsoft.com...
> Thanks Wayne,
> so if I enable 1434, does this open me up to the slammer virus still?
> TIA,
> John Brown
Showing posts with label sp3a. Show all posts
Showing posts with label sp3a. Show all posts
Monday, March 26, 2012
named instances and sp3a - how to enable access?
As I understand it, the slammer virus took advantage of port 1434 which is enabled over udp for sql clients to find out the ports named instances are using. If applying sp3a disables listening on port 1434, can named instances still be used? Do the ports need to be known and hardcoded in advance
TIA
John BrownIn the Server network Utiliy simply choose a fixed port number, and the
clients would have to know the fixed port number to connect.
Or you could still use Dynamic ports, (the check box) and enable port 1434,
and the end user does NOT have to know the port number...
--
Wayne Snyder, MCDBA, SQL Server MVP
Computer Education Services Corporation (CESC), Charlotte, NC
www.computeredservices.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it's
community of SQL Server professionals.
www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F9DBE64E-3137-41B3-91D1-ECDFC0086B08@.microsoft.com...
> As I understand it, the slammer virus took advantage of port 1434 which is
enabled over udp for sql clients to find out the ports named instances are
using. If applying sp3a disables listening on port 1434, can named instances
still be used? Do the ports need to be known and hardcoded in advance?
> TIA,
> John Brown|||SP3a fixes the exploit in the SQL Server Resolution Service used by Slammer,
it does not stop the server listening on UDP1434 as this is required for
resolving endpoints for named instances unless every client has the port
hard coded into a connection string or an alias in the client network
utlity. As long as you have SP3a applied you'll be okay but make sure that
port is still blocked on external firewalls.
--
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F5708C23-286E-49B6-88BC-4CD6C5F1C768@.microsoft.com...
> Thanks Wayne,
> so if I enable 1434, does this open me up to the slammer virus still?
> TIA,
> John Brown
TIA
John BrownIn the Server network Utiliy simply choose a fixed port number, and the
clients would have to know the fixed port number to connect.
Or you could still use Dynamic ports, (the check box) and enable port 1434,
and the end user does NOT have to know the port number...
--
Wayne Snyder, MCDBA, SQL Server MVP
Computer Education Services Corporation (CESC), Charlotte, NC
www.computeredservices.com
(Please respond only to the newsgroups.)
I support the Professional Association of SQL Server (PASS) and it's
community of SQL Server professionals.
www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F9DBE64E-3137-41B3-91D1-ECDFC0086B08@.microsoft.com...
> As I understand it, the slammer virus took advantage of port 1434 which is
enabled over udp for sql clients to find out the ports named instances are
using. If applying sp3a disables listening on port 1434, can named instances
still be used? Do the ports need to be known and hardcoded in advance?
> TIA,
> John Brown|||SP3a fixes the exploit in the SQL Server Resolution Service used by Slammer,
it does not stop the server listening on UDP1434 as this is required for
resolving endpoints for named instances unless every client has the port
hard coded into a connection string or an alias in the client network
utlity. As long as you have SP3a applied you'll be okay but make sure that
port is still blocked on external firewalls.
--
HTH
Jasper Smith (SQL Server MVP)
I support PASS - the definitive, global
community for SQL Server professionals -
http://www.sqlpass.org
"John Brown" <anonymous@.discussions.microsoft.com> wrote in message
news:F5708C23-286E-49B6-88BC-4CD6C5F1C768@.microsoft.com...
> Thanks Wayne,
> so if I enable 1434, does this open me up to the slammer virus still?
> TIA,
> John Brown
Wednesday, March 7, 2012
my sqlsp.log
this is the end of my sqlsp.log after sp3a install to existing SQL 200
11:03:54 Begin: SetupRegistry(
11:03:54 Register this installation of SQL Server with MDA
11:03:54 Completed registering this installation of SQL Server with MDA
11:03:55 Start Process...updating reg entries for S
11:03:55 No Server -> Tool
11:03:55 End: SetupRegistry(
11:03:55 Begin: PostSetupRegistry(
11:03:55 C:\PROGRA~1\COMMON~1\MICROS~1\SQLDEB~1\SQLDBR~1.EXE sqldbreg2.exe -RegServe
11:03:56 End: PostSetupRegistry(
11:04:07 You should now backup your master and msdb databases since this installation has updated their content
11:04:07 Action CleanUpInstall
11:04:09 Installation Completed with Errors (number of nonfatal errors: 1
But when I check @.@.version I am still on sp2. Did not see indication of what the nonfatal error was. Idea what I should be looking for?The last line says: 11:04:09 Installation Completed with
Errors (number of nonfatal errors: 1)
Your SQL SP# installation was not succesfull, please fix
the issue and re-install em
Thank you,
Saleem Hakani
>--Original Message--
>this is the end of my sqlsp.log after sp3a install to
existing SQL 2000
>11:03:54 Begin: SetupRegistry()
>11:03:54 Register this installation of SQL Server with
MDAC
>11:03:54 Completed registering this installation of SQL
Server with MDAC
>11:03:55 Start Process...updating reg entries for SP
>11:03:55 No Server -> Tools
>11:03:55 End: SetupRegistry()
>11:03:55 Begin: PostSetupRegistry()
>11:03:55 C:\PROGRA~1\COMMON~1\MICROS~1\SQLDEB~1
\SQLDBR~1.EXE sqldbreg2.exe -RegServer
>11:03:56 End: PostSetupRegistry()
>11:04:07 You should now backup your master and msdb
databases since this installation has updated their
content.
>11:04:07 Action CleanUpInstall:
>11:04:09 Installation Completed with Errors (number of
nonfatal errors: 1)
>But when I check @.@.version I am still on sp2. Did not
see indication of what the nonfatal error was. Idea what
I should be looking for?
>.
>
11:03:54 Begin: SetupRegistry(
11:03:54 Register this installation of SQL Server with MDA
11:03:54 Completed registering this installation of SQL Server with MDA
11:03:55 Start Process...updating reg entries for S
11:03:55 No Server -> Tool
11:03:55 End: SetupRegistry(
11:03:55 Begin: PostSetupRegistry(
11:03:55 C:\PROGRA~1\COMMON~1\MICROS~1\SQLDEB~1\SQLDBR~1.EXE sqldbreg2.exe -RegServe
11:03:56 End: PostSetupRegistry(
11:04:07 You should now backup your master and msdb databases since this installation has updated their content
11:04:07 Action CleanUpInstall
11:04:09 Installation Completed with Errors (number of nonfatal errors: 1
But when I check @.@.version I am still on sp2. Did not see indication of what the nonfatal error was. Idea what I should be looking for?The last line says: 11:04:09 Installation Completed with
Errors (number of nonfatal errors: 1)
Your SQL SP# installation was not succesfull, please fix
the issue and re-install em
Thank you,
Saleem Hakani
>--Original Message--
>this is the end of my sqlsp.log after sp3a install to
existing SQL 2000
>11:03:54 Begin: SetupRegistry()
>11:03:54 Register this installation of SQL Server with
MDAC
>11:03:54 Completed registering this installation of SQL
Server with MDAC
>11:03:55 Start Process...updating reg entries for SP
>11:03:55 No Server -> Tools
>11:03:55 End: SetupRegistry()
>11:03:55 Begin: PostSetupRegistry()
>11:03:55 C:\PROGRA~1\COMMON~1\MICROS~1\SQLDEB~1
\SQLDBR~1.EXE sqldbreg2.exe -RegServer
>11:03:56 End: PostSetupRegistry()
>11:04:07 You should now backup your master and msdb
databases since this installation has updated their
content.
>11:04:07 Action CleanUpInstall:
>11:04:09 Installation Completed with Errors (number of
nonfatal errors: 1)
>But when I check @.@.version I am still on sp2. Did not
see indication of what the nonfatal error was. Idea what
I should be looking for?
>.
>
Subscribe to:
Posts (Atom)