[Guide] Security Issue Port 1433 Brute attack RF PS

[letjen]

new metode brute password

for RF PS you must change your port MSSQL for fix this issue

To change the Port Number, do the following steps.

1) Form start click on Microsoft SQl Server 2008\ Configuration Tools\ SQL Server Configuration Manager.

2) Expand SQl Server network Cofiguration\ Protocols for SQL2008

3) On your right hand Pane find "TCP/IP". you need to enable this protocol for using port number.

4) Double click the "TCP\IP" and go to tab "IP Address".
find "TCP PORT", which can be configured by the administrator.

Note: Changes can be in effect only after a restart of teh SQL Server Service.
How to ensure that SQL Server is using the set port number?
You can find this information from the sql Server Log. it should say SQL Server listing on a particular port number.

if all done dont forget change password for user "sa" or any user in your MSSQL use strong password

and finaly set up your firewall for block scan port and ICMP

 

[Ron]

Can use telnet to test ports, much easier than browsing to a log file.

 

[letjen]

this metode hack with CSP combine with brute password to get password database

 

[novanakal]

if i have a firewall and use Local connection for login to MSSQL,..
i think, someone cant using your remote login for MSSQL

 

[letjen]

if i have a firewall and use Local connection for login to MSSQL,..
i think, someone cant using your remote login for MSSQL

yes right, but if you use out connection for your mssql you must try this solution.

 

[novanakal]

yes, this is optional for other way to secure your connection.
nice info gan..!!

 

[Hoshimura]

Nice Info dude..

yes, this is optional for other way to secure your connection.
nice info gan..!!

wkwkkw bang noval indonya di bawa.

 

[CAPITOL]

In windows firewall, you can just specifiy what IP can be accepted in remote connection.