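1. Two instances are installed on one server.
The default instance, which was installed first, uses the default port 1433.
For the other, named instance, I can't find the relevant port setting; it is empty in SQL Server Configuration Manager. What does that mean?
2. I'd also like to ask: what is UDP 1434, and how does it differ from the TCP port?
There is a finding that tells me to change this: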
This solution shows how to remove the TCP information regarding database instances on the SQL server. However, other sensitive information is still accessible if UDP port 1434 is available.
Please note: This solution will change the TCP listening port of the SQL server to 2433. Applications that require SQL connections and/or access control lists may need to be reconfigured.
To address this issue, set the following registry key to 1:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp\TcpHideFlag
To do this:
1. Click Start > Run. Type Regedt32.exe and click OK.
2. Go to the following key in the registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSQLServer\MSSQLServer\SuperSocketNetLib\Tcp\TcpHideFlag
3. On the Edit menu, double-click TcpHideFlag.
4. Change the Value Data to 1.
5. Exit the Registry Editor and restart the computer for the change to take effect.
Once the TcpHideFlag is set, the SQL Resolution Service will still respond to queries over UDP port 1434, but without the TCP instance information.
For more information on SQL hardening:
http://www.nextgenss.com/papers/tp-SQL2000.pdf
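------Solution--------------------
You'd best change the other instance's port to something other than 1433.
Server Network Utility --> General --> Enabled protocols --> TCP/IP --> Properties --> Default port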
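
The finding quoted in the question says the SQL Resolution Service keeps answering on UDP port 1434 after TcpHideFlag is set, only without the TCP instance information. The Python below is an added example, not part of the original thread: it parses an already captured reply and reports which instances still advertise a TCP port. The reply layout follows Microsoft's SQL Server Resolution Protocol (MS-SQLR); the server name, instance names and sample datagram are constructed, and a hidden instance is assumed to appear as a record with no `tcp` entry.

```python
import struct

def parse_ssrp_response(datagram):
    """Split a Resolution Service reply (UDP 1434) into one dict per instance.

    Assumed layout (MS-SQLR SVR_RESP): 0x05, uint16 little-endian length,
    then ASCII 'key;value;...' records, each terminated by ';;'.
    """
    if len(datagram) < 3 or datagram[0] != 0x05:
        raise ValueError("not an SVR_RESP message")
    (size,) = struct.unpack_from("<H", datagram, 1)
    body = datagram[3:3 + size]
    if len(body) != size:
        raise ValueError("truncated response")
    instances = []
    for record in body.decode("ascii", errors="replace").split(";;"):
        tokens = record.split(";")
        if len(tokens) < 2:  # empty piece left after the final ';;'
            continue
        # Tokens alternate key, value: ServerName;DB01;InstanceName;...
        instances.append(dict(zip(tokens[0::2], tokens[1::2])))
    return instances

def audit(datagram):
    """Return (instance, advertised_tcp_port, tcp_exposed) for each instance."""
    return [(inst.get("InstanceName", "?"), inst.get("tcp"), "tcp" in inst)
            for inst in parse_ssrp_response(datagram)]

# Constructed sample reply: the default instance still advertises its port,
# the named instance is modelled as hidden (no 'tcp' entry, named pipe only).
_BODY = (
    b"ServerName;DB01;InstanceName;MSSQLSERVER;IsClustered;No;"
    b"Version;8.00.194;tcp;1433;np;\\\\DB01\\pipe\\sql\\query;;"
    b"ServerName;DB01;InstanceName;REPORTING;IsClustered;No;"
    b"Version;8.00.194;np;\\\\DB01\\pipe\\MSSQL$REPORTING\\sql\\query;;"
)
SAMPLE = b"\x05" + struct.pack("<H", len(_BODY)) + _BODY

if __name__ == "__main__":
    for name, port, exposed in audit(SAMPLE):
        state = "advertises tcp/" + port if exposed else "TCP port not advertised"
        print(name + ": " + state)
```

Even for the instance with no TCP entry, the reply still carries the server name, instance name, version and named-pipe path, which is the residual exposure the finding refers to.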