0

I find in my Windows Application logs many external IP addresses trying to connect to my SQL Server 2014. It keeps trying different usernames and passwords.

SQL Server has remote access enabled as we require it. It's a Windows Server 2012 R2.

Is there a way to block the IP addresses or another way to protect against this?

Orion
  • 103
  • 1
  • 3

1 Answers1

1

If you require your SQL Server (TCP 1433) to be accessible via the public internet and you do not know the IP addresses of your clients, then there is unlikely to be much you can do about this other than to:
- ensure that all accounts that have access to the SQL server have very strong passwords
- ensure you are installing the latest security patches for SQL Server and for your OS

However, if you require your SQL Server to be accessible, and you know the IP addresses of your clients (say your web host, or a third party that's sending you data) then you can use the built-in windows Firewall to allow access to the TCP 1433 to only the IPs you specifically allow.

A third alternative might be to move the port to something other than the default, but this is not security - only obscurity.

Dave Lucre
  • 136
  • 3
  • Thank you for the insight. looks like option 2 is what I'm looking for. – Orion Feb 22 '17 at 10:49
  • 1
    I've used your solution and allowed access to the IP required to connect to my database. I notice all other IP's trying to connect with failed credentials no longer in the Windows log file. So this solved my issue 100%. Thank you! – Orion Feb 24 '17 at 02:09