Hi,
I'm a bit new to administering a SQL Server and this seems like a pretty basic question, but I'm not sure how to phrase it for the searches. So I apologize for seeking an indulgence...
I have SQL Server 2005 Standard edition running on a server exposed to the Internet. A handful of clients have to connect to it via TCP/IP using SQL Server Studio and ODBC links. But my Windows logs are chock-full of failure audits of what I presume to be your garden variety crackers trying default passwords -- several times a minute.
What's the best solution to this, and how would I go about implementing it? Restrict TCP/IP access to certain IP ranges? Is there a 'max login attempts' somewhere? The server uses SQL authentication (not Windows) if that makes a difference.
Thanks for the help!
You would need a firewall (or configure it properly) between the server and the Internet to restrict access to IP ranges. As the server uses SQL Server authentication it also uses Windows Authentication. There are two modes: Mixed authentication (which includes SQL Server and Windows authentication) and Windows Authentication only. If you have chosen SQL Server authentication for the login and you installed SQL Server 2005 on a Windows 2003 Server box, you can use the option of password policies, which will also allow you to lock out an account after several unsuccessful login attempts. But this won't help you further, because your legal users will not be happy about the fact that their accounts will be locked out from time to time, although they didn't try to log on to the server, because another illegal user tried to guess the password. So the only thing would be to actively prevent access by invalid users with a firewall.

HTH, Jens Suessmeyer.
http://www.sqlserver2005.de
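
The password-policy option mentioned in the answer above, sketched in T-SQL as an added example that is not part of the original thread. The login name `app_client` and the password value are hypothetical placeholders; the lockout threshold itself comes from the Windows account lockout policy on the host, not from SQL Server.

```sql
-- Added example, not from the original thread.
-- [app_client] is a hypothetical login name; substitute your own.

-- 1. Audit every SQL-authenticated login: is the Windows password policy
--    enforced, and has the login been collecting failed attempts?
SELECT  name,
        is_disabled,
        is_policy_checked,                                  -- 1 = CHECK_POLICY is ON
        is_expiration_checked,
        LOGINPROPERTY(name, 'BadPasswordCount') AS bad_password_count,
        LOGINPROPERTY(name, 'BadPasswordTime')  AS last_bad_password,
        LOGINPROPERTY(name, 'IsLocked')         AS is_locked,
        LOGINPROPERTY(name, 'LockoutTime')      AS lockout_time
FROM    sys.sql_logins
ORDER BY is_policy_checked, name;

-- 2. Enforce the Windows password policy (complexity and account lockout)
--    on one login. Lockout then follows the host's account lockout policy.
ALTER LOGIN [app_client] WITH CHECK_POLICY = ON;

-- 3. The side effect the answer warns about: password guessing from the
--    Internet can lock a legitimate user out. An administrator clears the
--    lock by resetting the password with UNLOCK (placeholder value shown).
ALTER LOGIN [app_client]
    WITH PASSWORD = N'<new-strong-password>' UNLOCK;
```

Running the first query periodically shows which logins are being targeted (`bad_password_count`, `last_bad_password`) and which are currently locked.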