Chapter 1 Securing Your Server and Network (7): Disable SQL Server Browse

Original source: http://blog.csdn.net/dba_huangzj/article/details/38227187, featured folder:http://blog.csdn.net/dba_huangzj/article/details/37906349

Without the author's permission. No one should be published in the form of "original" or used for commercial purposes. I am not responsible for any legal liability whatsoever.

Previous article: http://blog.csdn.net/dba_huangzj/article/details/38082123

Objective:

The SQL Server Browser service actively launches itself when installing a SQL Server cluster or named instance, and it is used to interact with instances of SQL Server on the machine. And let the client send information via the port on which the named instance is listening. To block an instance of SQL Server, you can stop instance execution. Or configured to not respond to broadcast requests.

Realize:

When you upgrade SQL Server, install into a clustered environment, install a named instance, SQL Server Browser starts itself, and is able to check for execution by following these steps and disabling:

1. Open SQL Server Configuration Manager, select the SQL Server service tag, double-click the SQL Server Browser service, and in the Login tab, click Stop. Used to stop the SQL Server Browser service.
2. Select the Services tab and in startup mode, select Disabled:
3. Suppose you have a named instance. You need to set up a fixed tcpport for client access to named instances that can be found in the SQL Server Network configuration node in Configuration Manager to find the appropriate protocol. Right-click on "TCP/IP" to "Properties":
4. In the property page, in IP address, select the IP address used by the client to access the interface of SQL Server, and if the TCP Dynamic ports property is 0, remove and enter the port you want.

5. Restart SQL Server for changes to take effect.
6. Ability to test using the <server name >,<port > in the connection string. For example sql1,8200 (assuming 8200 is defined as TCPPort), the full string:

Data source= sql1,8200;initial catalog=adventureworks2012; User id=fred; password= #Fr3d!;

Original Source:http://blog.csdn.net/dba_huangzj/article/details/38227187. Featured folder:http://blog.csdn.net/dba_huangzj/article/details/37906349

Principle:

The default instance listens on 1433port, assuming that a named instance is installed, and the port is dynamically assigned when the service restarts/starts, in order to access the port and start the TCP session. The client sends a request to SQL Server browser to listen on UDP 1434port.

In addition, the client sends a broadcast request to the network to search for a SQL Server instance that is available, and SQL Server Browser is responsible for responding to this request, assuming there is only one instance. SQL Server Browser is not necessary, and the default installation is disabled, and disabling browser can improve security in multi-instance environments.

A lot of other information:

Suppose you want to keep the dynamic port function but you want to block the instance. To enable SQL Server browser to not display instances of SQL Server, simply open the SQL Server Network Configuration node in SQL Server Configuration Manager and right-click on "< instance name > Protocols" To open properties, on the Flags page, on the Hide instance "Select Yes to".

Filed under: http://blog.csdn.net/dba_huangzj/article/details/38263043

Chapter 1 Securing Your Server and Network (7): Disable SQL Server Browse