Summary:
Alright, I know I haven't been around here releasing lately, been very distracted and have been resenting the ******** community. Sorry, I am back now and I will be writing some seriously amazing guides here! Noob-friendly guides and other things too!
Objective
* We are going to be managing the TCP connections and blocking the following ports -> 32000, 15880, 15882, 15885, 15883, 8080, 1433, 3306 <-
* Set MSSQL to local
* Set ODBC to local
Result
Secures your ports
Secures your connections
Difficulty
Hard
-----------------------------------------------------------
- Alright, let's get started with the guide -
-----------------------------------------------------------
Step 1) Firewalls: knowing and understanding the firewall!
- So this guide is actually built for Windows RC2, but you can still probably get the same idea working on Windows or Linux or Mac or whatever the hell you use to run your server on! If you are running your website on 8080, then don't block 8080; otherwise block 8080.
- Step 1a) Turn on your Windows firewall
- Step 1b) Run mmc.exe [Windows Firewall with Advanced Security]
- Click on New Rule
- Choose Protocols and Ports
- Click TCP
- Click Specific Local Ports
- Type 15880, 15882, 15885, 15883, 19980, 8080, 1433, 3306
- Block the Connection
- Click Next
- Click Next again
- Put a Name and description
So now we have pretty much closed down all the ports that were open to the public; you can verify this by using an online port scanner!
Verify that all these ports are closed! You never have a reason to have them open in the first place.
Step 2) Making your SQL Connection Local
- This will pretty much make your remote connection local, so if anyone knows your database username/password you will never be hacked because they can't do shit with it anyway!! Because your SQL/port are all localhost!
THIS IS ONLY FOR 2005 EXPRESS NOT 2008 RC2
- Step 1) Run SqlSAC.exe [SQL Server 2005 Surface Area Configuration]
- Click on Surface Area Configuration for Services and Connections
- Click on Remote Connections
- Click Local Connection Only
Step 3) Making your ODBC Connection Local
- This will make your ODBC connection local. There are methods that made it easy to just open your certificate and get the connection information of your ODBC/SQL data, but this should help fix that!
- Step 1) Run odbcad32.exe [ODBC Data Source Administrator]
- Step 2) Notice how all these guides make you add information in the System DSN? Well, instead of that, add it to User DSN. Read the description under both and you might understand why!
Credit goes completely to: Jangan [a user from another forum] / @jangan322
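Steps 1a and 1b from the guide, scripted with `netsh advfirewall`, plus a local check that complements the outside port scan by listing any of those ports that still has a listener bound beyond loopback (what Step 2 is meant to remove for SQL). This is an added example, not part of the original guide; the rule name is hypothetical, and it assumes an elevated PowerShell prompt and English-language `netstat` output.

```powershell
# Added example, not part of the original guide. Run from an elevated prompt.
# Port list copied from Step 1b; drop 8080 if your website is served on it.
$ports    = 15880, 15882, 15885, 15883, 19980, 8080, 1433, 3306
$portList = $ports -join ','
$ruleName = 'Block-Server-Ports-TCP-In'   # hypothetical rule name

# Step 1a: turn the firewall on for every profile.
netsh advfirewall set allprofiles state on | Out-Null

# Step 1b: one inbound TCP block rule for all listed ports.
# Remove any earlier copy first so re-running does not stack duplicates.
netsh advfirewall firewall delete rule "name=$ruleName" | Out-Null
netsh advfirewall firewall add rule "name=$ruleName" dir=in action=block protocol=TCP "localport=$portList"
if ($LASTEXITCODE -ne 0) { throw "netsh could not add the rule (exit code $LASTEXITCODE)" }
netsh advfirewall firewall show rule "name=$ruleName"

# Local check: find listeners on the listed ports that are bound to anything
# other than loopback (127.x.x.x or [::1]). Assumes English netstat output.
$exposed = @(netstat -ano | ForEach-Object {
    if ($_ -match '^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)') {
        $addr = $Matches[1]; $port = [int]$Matches[2]; $owner = [int]$Matches[3]
        if (($ports -contains $port) -and ($addr -notmatch '^(127\.|\[::1\])')) {
            New-Object PSObject -Property @{ Address = $addr; Port = $port; OwningPid = $owner }
        }
    }
})

if ($exposed.Count -gt 0) {
    $exposed | Format-Table Address, Port, OwningPid -AutoSize
    Write-Warning 'Listed services still listen beyond loopback; the firewall rule is the only barrier.'
} else {
    Write-Output 'No listed port has a listener bound outside loopback.'
}
```

A port that shows up in the table is reachable the moment the block rule is disabled or deleted, so rebinding that service to localhost is worth doing even with the firewall rule in place.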