Protect your mssql with Sygate firewall

**Nemesiz** · 13-01-05

I have tested some firewalls on windows and i like Sygate personal firewall pro (http://smb.sygate.com/products/spf_pro.htm)
To protect your mssql from connect of outside we need to disable outgoing and incoming traffic of mssql.
On Sygate screen find mssql process and with left mouse button select option "Block".

Now we need to set advanced rule for mssql.
Go to Tools > Advanced Rules... > Add
Select "Block this traffic", select "Record this traffic in Packet Log" too, this option let us see mssql trafic on Packet Log section, that way we will see mssql attackers.

On Applications find mssql and select it. This rule will be only for mssql process.

If you dont use mssql servers links then you should to disable it. Go to mssql settings using Enterprise Manager and unselect Sql remotely connect using RPC.

**MentaL**

**Nemesiz** · 13-01-05

Or you can just block UDP 1431 and 1433 ports

**Hybr!d** · 13-01-05

Nice work man good guide to.

**Z80** · 26-01-05

I use a combination of NAT (on my router) and server firewall (sygate).
If I block the SQL Server Windows NT application, no one can connect to the server.
What is wrong??
How people can play if the sgq server is blocked for in and outgoing traffic??

**Regnarts** · 26-01-05

Please tell me the best way or the best program to block some localport such as 22 (SSH), 23(Telnet), 137, 139, etc...

**Nemesiz** · 27-01-05

Originally Posted by Z80

I use a combination of NAT (on my router) and server firewall (sygate).
If I block the SQL Server Windows NT application, no one can connect to the server.
What is wrong??
How people can play if the sgq server is blocked for in and outgoing traffic??

You can block out/in traffic, but not local, etc localhost aka 127.0.0.1
Check cs and gameserver ports.

Originally Posted by Regnarts

Please tell me the best way or the best program to block some localport such as 22 (SSH), 23(Telnet), 137, 139, etc...

I suggest Sygate

**Z80** · 27-01-05

[QUOTE=Nemesiz]You can block out/in traffic, but not local, etc localhost aka 127.0.0.1
Check cs and gameserver ports.

I don't understand. If I follow your guide, it is blocking the sqlserver.
I tried a different approach:
1) enter in advanced rules
2) Add
3) BlockSql
4) Mark "Block this traffic"
5) open ruler "Applications
6) select SQLServerWindosNT
7) OK

Now it works fine, everybody can connect and there is silence on incomming and outgoing
.
What do mean with "check" cs and gs ports??

**Nemesiz** · 27-01-05

For players need only CS.exe TCP 44405 port and GAMESERVER.exe TCP 55901 (standard) port.

**blindscout** · 05-02-05

i got the same prob.. when i block ports dataserver 1 , 2 and 1433 1431 no one can connect.. so now you say i only block cs port and gs port with TCP and the ports you mentioned that are standard? in other words just block TCP 44405 port TCP 55901 from any traffic?

(i dont want those hackers making their own items and editing their own stuff! :burn: )

**Nemesiz** · 05-02-05

Make 8 link look like: D:\Muserver\GameServer\GameServer.exe 127.0.0.1 55970 127.0.0.1 55960 55901
Firewall dont block 127.0.0.1 IP becouse its localhost

**holm** · 05-02-05

Anyone knows how to protect your CS from port attacks?

Read here -> http://forum.ragezone.com/showthread.php?t=59808

This will be the last problem you'll ever bother, when users knows how to distract your
server's connections.

**noobnr1** · 12-07-05

thx alot

**Skite** · 16-07-05

Originally Posted by Nemesiz

You can block out/in traffic, but not local, etc localhost aka 127.0.0.1
Check cs and gameserver ports.

Wait.. So does this mean you leave CS and GS ports alone since players only need to connect through CS?

And why would it matter if it blocks local or not. People outside localhost cannot connect anyways.

Please Help.

**Nemesiz** · 21-07-05

Skite for players need only cs ang gameserver ports.

**BHD** · 21-07-05

nice guide Nemesiz ;)
4 Nemesiz: kaip ten su LMN einas?

**Nemesiz** · 21-07-05

Puse velnio, neturiu baisiai laiko bet jau resetus testinu.

**BHD** · 22-07-05

tai jau greit bus?
laukiam laukiam :)

**Skite** · 28-08-05

Hm. Instead of blocking the SQL Server, block dataservers 1 and 2.

**davevleugel** · 13-09-05

When i instal sygates i dont have internet ore even network anymore....My messenger don't work then.

can sombody explain me why??

i got a router

**Nemesiz** · 13-09-05

Try to use IPSP http://forum.ragezone.com/showthread.php?t=84916

**davevleugel** · 14-09-05

Ok i try (thanx for help)

**codrin** · 23-09-05

dude .... nice guide ..... :) only 1 problem though ..... i did exactly as said in the guide .... but now no one can lvl up. when they switch their caracter it resets their caracter to the moment i installed the firewall. main problem : server at a standstill. :( please help.:eh:

**darranthegreat** · 01-10-05

i did everything and my server works fine. but my players cant access my website..o.O

**Dark_FearZz** · 11-10-05

I connect to my server only by remote.what i must add to sygate so as not to block me?!?I tried it many times but always blocked me!!!Help

**Dark_FearZz** · 11-10-05

I connect to my server only by remote.Even i tried to install the Sygate Firewall always blocks access by remote!!!Help me ...

Protect your mssql with Sygate firewall

Thread Tools

Search Thread

Protect your mssql with Sygate firewall

Combination of Sygate and NAT Firewall

any other idea for full protection?

Advertisement