Forwading Port On Routers

[ellemen]

1. Go to This site

http://www.portforward.com/english/routers/port_forwarding/routerindex.htm

Find your router model Example: ( D-LINK DSL-2740B )

Unblock this port for Windows:

1433 - SQL SERVER CONNECTION

Unblock these ports for Linux:

22 - SSH

80 - PSS

38170 - GlobalMgrSvr

38180 - GlobalAgentSvr

38181 - DBAgent

38121 - NETLIB / CHATNODE

38101 - NETLIB LOGIN SVR

38111 - NETLIB WORLD SERVER

38190 - CashDbAgent

Please make it sticky

Thanks :2gunsfiring_v1::smilie_xp

 

[dordort]

Very nice but you dont need to open port 1433. its only makes your system unsecurity and sql port is open for everything. just open the 381** in centos and that's all. because the SQL connection moves in the server, you dont go directly to use 1433! the server is using it for you. its unsecurity and un needed to open it!

And thanks for alerting all the ports and what they do

 

[Yamachi]

The only ports you need to open are 38101 and 38121. However, if you want to be able to access the SQL database from home, you will need to open port 1433 aswell.

 

[ellemen]

i done it like i done on my router because my router needs to have this port unblocked otherways the sever wont connect to sql.

 

[chumpywumpy]

If you are going to open 1433 i strongly suggest you do some googling on the types of sql injection attacks that are going on at the moment as sql attacks are very very common at the moment. Try to learn a little about what the hackers are trying to do and how to best protect yourself and your database.

 

[Revmed]

If you are going to open 1433 i strongly suggest you do some googling on the types of sql injection attacks that are going on at the moment as sql attacks are very very common at the moment. Try to learn a little about what the hackers are trying to do and how to best protect yourself and your database.

i agree to that

 

[ellemen]

"OR" "=" "OR" do you think im stupid? you can do sql inj via php script if the script is secured enough no one will hack it..

bug in script and you got access to every thing by inserting EvilShell

 

[chiosin2]

ok.. at first i didnt believe chumpy.. but now i do.. sorry for doubting chumpy.. but i cant connect when i put my server online using my WaN IP (119.***.***.***) so uHhh... is there a way ?? or none?

My Router Model : D-Link: DI-524

EDIT: IS this how its Done?

when i Probe its Closed... >.< Help?

 

[ellemen]

chiosin2 like you see the port 80 is ready added delete the one you made and edit the one that is on the top.. remember to enable it while editing.

+ TurnOff any firewall including windows firewall..

Control Panel > Windows FireWall

 

[chumpywumpy]

@ellemen - I'm not trying to say anything like that so i apologise if that is how it came across. SQL injection can be done in other ways and not just via a website or php script. At the moment many large websites are under constant attack and not all of the attacks are aimed at the website or the webserver, some are aimed at MSSQL itself and use a variety of techniques to inject data into the database to try and get nasty things to appear on pages to infect people with things. 1433 is a known vunerable port and hackers are using some clever tricks to search the web for addresses with port 1443 open, some of these are even automated scripts which detect and attack automatically.

Have a google on the subject as you will find an awful lot of people fighting the problem at the moment. I work for a software company that deals with a lot of other large organisations and i am currently hearing about a lot of damage being done to a lot of our customers sites and MSSQL services, our own website has been under constant attack for nearly 3 months now (the website is one of the things i am involved with) and has been completely destroyed several times.

This is why i tell you to be careful, bugs in the way external access to the MSSQL services is handled is one of the main causes and MS have not fixed it yet.

Port 80 is not needed by the server at all as that is the HTTP port and only webservers use it. PSS is not used by us so you don't need to open a port for that, in fact the port 80 it shows in the PSS config is the port of the remote PSS site it tries connecting to and not an incoming port.

 

[Cath22]

you should not open the port of the MSSQL to prevent hackers to ruin your database close port 1433

 

[chiosin2]

im using a DI-524 Router, and i was Wondering if i should let my DMZ (Demilitarized Zone) , let my CentOS ip be exposed to the internet... is it safe?

and i still don't have any clues how to forward ports.. =D....

 

[penihop]

except router install Firewall on your Windows server , and allow the IP of the Linux for MSSQL.

 

[chiosin2]

so your saying that i should place 127.0.0.1 << as my Windows ip.. then use the no-ip address with my CentOS? is that right?

 

[penihop]

yes, and use internal.txt with ur no-ip.

there is also easier way, you can port Forward with a program called SMNAPT 2.0 , you need to forward only the TCP ports. i use it for my PC's connected via crossover cable [internet<>PC1(acting as router)<>pc2]

 

[chiosin2]

i downloaded it but i dont understand how to use it.... @____@

 

[Advocate]

i enable dmz that should cover all my need ports but problem im having is i can ping the centos server from comp and ping my comp from centos get responce but it still can't seem to connect to database even tho i have followed everything thru with chumpy guide and files , not to mention ihave windows vista 32 bit.

 

[Cath22]

are you familiar with NAT

 

[Jeffijoe]

Okay guyz.. I am able to Port Forward, but I have a prob..

1st. Is it good or bad to open the SQl port?

2nd. I use PF Config to Port forward. Is it TCP Ports, or UDP Ports I have to open?

3rd. What do I have to do when Im done? Im through SQL DB Setup, and I have VMWare installed. And I think Im gonna use Dordort's easy CentOs setup where files are installed. But I dont know exacly what to do.. I dont really understand what he mean..

 

[GhostBaster]

can you give me how to open ports ...i no understand.....

need to open ports at modem or at windows Firewall add port....
at modem i already open ports DMZ

pls give me clue......