How to disable an Open Microsoft SQL Browser

Many of our users need some form of SQL database. Microsoft SQL is almost always used by Microsoft users. This article will teach you how to troubleshoot Open Microsoft SQL Server issues. 

 

What is an Open Microsoft SQL Server? 

Your server runs the Microsoft SQL Server Browser service, which listens on port 1434. If this service is enabled and publicly accessible via the internet, attackers may use it to launch denial of service attacks (an amplification attack using forged UDP packets).  

 

Recommended action 

Reconfigure your server so that this service can no longer be used. This can be accomplished by blocking access to port 1434 or by completely disabling the SQL Server Browser service, which should have no impact if only one instance of SQL Server is running.  

If you require remote access to your Microsoft SQL Server, configure your firewall to allow only connections from trusted sources. 

 

Disabling Microsoft SQL Browser

To disable the Microsoft SQL Browser, follow the steps below:

1. Open the 'SQL Server Configuration Manager', and select the 'SQL Server Services' tab.

blobid0.png

2. Double-click on theSQL Server Browser service and a screen will open. 

blobid1.png

3. On the Log On tab, click on the Stop button to stop the service. 

blobid2.png

4. On the Service tab, the ‘Start’ mode is the only enabled option, this should be changed to Disabled.

blobid3.png

5. If you have a named instance, you must assign it a fixed TCP port for it to be reachable from client machines. You can navigate to the protocols of the SQL Server Network Configuration node in the SQL Server Configuration Manager.

blobid4.png

6. Left-click on ‘TCP/IP’ and go to the 'IP Addresses' tab.

blobid5.pngYou will see several sections, one per IP address defined on your server, including the loopback adapter (127.0.0.1). 

7. Choose the IP address of the interface from which the clients access the SQL Server. 

blobid6.png

If there is a 0 in the TCP Dynamic Ports property, remove it and enter the port you would like to use in the TCP Port property. 

8. Restart SQL Server for the changes to take effect. 

In the connection string, you must specify which port on the client system is to be accessed by designating the server as follows: 

 

<server_name>,<port>  (server name and port name separated by a comma). 

For example: SQL1,7500 if you set the TCP port as 7500. 

A full connection string example: 

Data Source= SQL1,7500;Initial Catalog=YOURDB;
User Id=YOURUSER;Password=YOURPASSWORD;
 

 
You can check if the port is still open by using a tool called nmap. 

NMAP (Network Mapper) is a well-known open-source application for doing network scans, security auditing, and identifying network infrastructure vulnerabilities. Finding open ports in a network is one of the most well-known uses of NMAP. 

 

 

 

 

Was this article helpful?
1 out of 1 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more