Summary:
Alright, i know i haven't been around here releasing lately, been very distracted and have been resenting the ******** community, sorry i am back now and i will be writing some seriously amazing guides here! Noob friendly guides and other things too!
Objective
* We going to be managing the TCP connections and blocking the following ports -> 32000, 15880, 15882, 15885, 15883, 8080, 1433, 3306 <-
* Set mssql to local
* Set odbc to local
Result
Secures your ports
Secures your connections
Difficulty
Hard
Step 1) Fire walls, knowing and understanding the firewall!
- So this guide is actually built for Windows RC2 but you can still probably get the same idea working on windows or linux or mac or whatever the hell you use to run your server on! IF you are running your website on 8080, then dont block 8080, else block 8080.
Step 2) Making your SQL Connection Local
- This will pretty much make your remote connection local, so if anyone knows your database username/password you will never be hacked because they cant do shit with it anyways!! Because your sql/port are all local host!
THIS IS ONLY FOR 2005 EXPRESS NOT 2008 RC2
Step 3) Making your ODBC Connection Local
- This will make your ODBC connection local, so there are methods where it was easy to just open your certificate and get the connection information of your odbc/sql data but this should help fix that!
Credits goes completely to: Jangan [a user from another forum] / @jangan322
Alright, i know i haven't been around here releasing lately, been very distracted and have been resenting the ******** community, sorry i am back now and i will be writing some seriously amazing guides here! Noob friendly guides and other things too!
Objective
* We going to be managing the TCP connections and blocking the following ports -> 32000, 15880, 15882, 15885, 15883, 8080, 1433, 3306 <-
* Set mssql to local
* Set odbc to local
Result
Secures your ports
Secures your connections
Difficulty
Hard
-----------------------------------------------------------
- Alright, lets get started with the guide -
-----------------------------------------------------------
- Alright, lets get started with the guide -
-----------------------------------------------------------
Step 1) Fire walls, knowing and understanding the firewall!
- So this guide is actually built for Windows RC2 but you can still probably get the same idea working on windows or linux or mac or whatever the hell you use to run your server on! IF you are running your website on 8080, then dont block 8080, else block 8080.
- Step 1a) Turn on your windows firewall
- Step 1b) Run mmc.exe [Windows Firewall with advanced security]
- Click on New Rule
- Choose Protocols and Ports
- Click Next
- Click TCP
- Click Specific Local Ports
- Type 15880, 15882, 15885, 15883, 19980, 8080, 1433, 3306
- Click Next
- Block the Connection
- Click Next
- Click Next again
- Put a Name and description
- Click Finish
Step 2) Making your SQL Connection Local
- This will pretty much make your remote connection local, so if anyone knows your database username/password you will never be hacked because they cant do shit with it anyways!! Because your sql/port are all local host!
THIS IS ONLY FOR 2005 EXPRESS NOT 2008 RC2
- Step 1) Run SqlSAC.exe [SQL Server 2005 Surface Area Configuration]
- Click on Surface Area Configuration for services and conenctions
- Click on Remote Connections
- Click Local Connection Only
- Click ok
Step 3) Making your ODBC Connection Local
- This will make your ODBC connection local, so there are methods where it was easy to just open your certificate and get the connection information of your odbc/sql data but this should help fix that!
- Step 1) Run odbcad32.exe [ODBC Data Source Administrator]
- Step 2) Notice how all these guides make you add information in the System DNS, well instead of that, add it to User DNS. Read the description under both and you might understand why!
Credits goes completely to: Jangan [a user from another forum] / @jangan322
