How can I disable an Open Microsoft SQL Browser?

A lot of our customers use some form of SQL database, and Microsoft users will use Microsoft SQL most of the time. Here you can read how to solve the Open Microsoft SQL Server issue.

What is an "Open Microsoft SQL Server"?

Your server operates a Microsoft SQL Server Browser service, responding on UDP port 1434. When this feature is enabled and publicly accessible from the internet, attackers may use this service to launch denial of service attacks (an amplification attack using forged UDP packets).

 

Recommended action

Reconfigure your server in such a way that this service can’t be exploited anymore.

This can be achieved by blocking access to port 1434 or by disabling the SQL Server Browser service entirely, which shouldn’t have any impact if you run only one instance of SQL Server.

If you need access from remote machines to your Microsoft SQL Server, configure your firewall to only allow connections from trusted sources.

 

Disabling Microsoft SQL Browser

To disable the Microsoft SQL Browser you can take the following actions:

1. Open SQL Server Configuration Manager, and select the SQL Server Services tab.


2. Double-click the SQL Server Browser service; a screen will open.


3. On the Log On tab click on the Stop button to stop the service.


4. On the Service tab, the Start mode is the only enabled option. Change it to Disabled.


If you have a named instance, you have to set a fixed TCP port for it to be reachable from the client machines. In SQL Server Configuration Manager, go to the protocols under the SQL Server Network Configuration node.

 


5. Right-click on TCP/IP and go to the IP Addresses tab.


You will see several sections, one per IP address defined on your server, including the loopback adapter (127.0.0.1).

 

6. Choose the IP address of the interface from which the clients access the SQL Server.

If there is a 0 in the TCP Dynamic Ports property, remove it and enter the port you would like to use in the TCP Port property.

 

7. Restart SQL Server for the changes to take effect.

 

To indicate which port is to be accessed on the client machine, you need to specify it in the connection string by naming the server as follows:

<server_name>,<port> (server name and port number separated by a comma).

For example, SQL1,8200 if you set the TCP port to 8200.

A full connection string example is as follows:

Data Source= SQL1,8200;Initial Catalog=YOURDB;User Id=YOURUSER;Password=YOURPASSWORD;


You can check if the port is still open by using a tool called 'nmap' and by running the following command:

$ sudo nmap -sU -pU:1434 -sV IP_address_here
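
The service and firewall changes described above, scripted in PowerShell as an added example (not code from the original article). The fixed TCP port 8200 is the article's example value; the trusted client address and the firewall rule names are constructed placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions: fixed TCP port 8200 (the article's example port)
# and a constructed trusted client address from the documentation range.
$SqlTcpPort     = 8200
$TrustedClients = @('203.0.113.10')   # placeholder, replace with your own sources
$BlockRule      = 'Block SQL Browser UDP 1434'      # hypothetical rule name
$AllowRule      = 'Allow SQL Server from trusted'   # hypothetical rule name

# Steps 3 and 4: stop the SQL Server Browser service and set Start mode to Disabled.
$browser = Get-Service -Name 'SQLBrowser' -ErrorAction SilentlyContinue
if ($browser) {
    if ($browser.Status -ne 'Stopped') { Stop-Service -Name 'SQLBrowser' -Force }
    Set-Service -Name 'SQLBrowser' -StartupType Disabled
} else {
    Write-Host 'SQL Server Browser service is not installed.'
}

# Block inbound UDP 1434 so the port stays closed even if the service is
# re-enabled later. In Windows Firewall a block rule overrides allow rules.
if (-not (Get-NetFirewallRule -DisplayName $BlockRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $BlockRule -Direction Inbound `
        -Protocol UDP -LocalPort 1434 -Action Block | Out-Null
}

# Allow the fixed SQL Server TCP port only from trusted sources.
if (-not (Get-NetFirewallRule -DisplayName $AllowRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $AllowRule -Direction Inbound `
        -Protocol TCP -LocalPort $SqlTcpPort `
        -RemoteAddress $TrustedClients -Action Allow | Out-Null
}

# Verify locally: the service is disabled and nothing is bound to UDP 1434.
$svc      = Get-Service -Name 'SQLBrowser' -ErrorAction SilentlyContinue
$listener = Get-NetUDPEndpoint -LocalPort 1434 -ErrorAction SilentlyContinue
[pscustomobject]@{
    BrowserStatus    = if ($svc) { $svc.Status } else { 'NotInstalled' }
    BrowserStartType = if ($svc) { $svc.StartType } else { 'NotInstalled' }
    Udp1434Listening = [bool]$listener
}
```

Any existing, broader allow rule for the SQL Server TCP port still admits untrusted sources, so review and remove such rules after adding the restricted one.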