How to stop other application accessing SQL port 1433

SQLServerCentral is supported by Red Gate Software Ltd.

Popular Topics

Home

Members

Calendar

Who's On

Home » SQL Server 2005 » Administering » How to stop other application accessing SQL...

How to stop other application accessing SQL port 1433

Rate Topic

Display Mode

Topic Options

Author

Message

himanshu.sinha

Posted Tuesday, August 21, 2012 1:50 AM

Forum Newbie

Group: General Forum Members
Last Login: Wednesday, October 17, 2012 1:45 PM
Points: 4, Visits: 13

We are planning to do some maintanance on SS 2008 and we DO NOT want any users / application accessing the SQL server during that time .

The ask is , is there anyway by which I can stop the access of the all the IP on the SQL port 1433 . if I am not wrong I think I can block it using IP Security policy .....but was just trying to know if is there other way out ......Single user is NOT an option here .

Thanks
Himanshu

Post #1347617

durai nagarajan

Posted Tuesday, August 21, 2012 3:04 AM

SSC Eights!

Group: General Forum Members
Last Login: Today @ 6:32 AM
Points: 847, Visits: 2,092

A simple option disable the user which applciation uses and enable it once the activity completes.

other option is change the sql port and restart the sql service and who ever knows the port only can connect.

Regards
Durai Nagarajan

Post #1347643

Joy Smith San

Posted Tuesday, August 21, 2012 10:34 PM

Ten Centuries

Group: General Forum Members
Last Login: Today @ 1:07 AM
Points: 1,370, Visits: 2,287

durai nagarajan (8/21/2012)

A simple option disable the user which applciation uses and enable it once the activity completes.

Will have to do one by one, is it ?

Post #1348177

MissTippsInOz

Posted Tuesday, August 21, 2012 10:41 PM

SSC Veteran

Group: General Forum Members
Last Login: Monday, April 29, 2013 10:39 PM
Points: 286, Visits: 519

You could just disable the TCP/IP protocol?

Clare
_________________________________________________________________________________________________________________
Measure twice; cut once (and have a good saw)

Hey, just a thought.....did you check Books Online yet?

Post #1348178

ALZDBA

Posted Tuesday, August 21, 2012 11:54 PM

SSCertifiable

Group: General Forum Members
Last Login: Today @ 5:15 AM
Points: 6,861, Visits: 8,046

Just disable the logins and the engine won't let anybody in !
It works as well for SQLUsers as for windows logins and groups.

ALTER LOGIN [AnySQLUser] DISABLE ;

ALTER LOGIN [yourdomain\your_windowsgroup_EXEPT_SQL_ADMINS] DISABLE ;

Generate your scripts ( disable and enable ) up front and only touch the accounts you need !

No hassle with login triggers, ports, protocols, ...

Don't disable your SQLAdmins !

Just keep in mind to re-enable the disabled logins after your maintenance !

Johan

     Jul 13

Don't drive faster than your guardian angel can fly ...
but keeping both feet on the ground won't get you anywhere w00t

- How to post Performance Problems
- How to post data/code to get the best help

- How to prevent a sore throat after hours of presenting ppt ?

"press F1 for solution", "press shift+F1 for urgent solution" BigGrin

Need a bit of Powershell? How about this

Who am I ? Sometimes this is me but most of the time this is me Hehe

Post #1348192

himanshu.sinha

Posted Tuesday, August 21, 2012 11:56 PM

Forum Newbie

Group: General Forum Members
Last Login: Wednesday, October 17, 2012 1:45 PM
Points: 4, Visits: 13

Disabling the TCP/IP .....sounds good ... Wink

...Will test this and let you guys know . But I foumd that we can block it using IPSEC policy .

Post #1348193

ALZDBA

Posted Wednesday, August 22, 2012 12:10 AM

SSCertifiable

Group: General Forum Members
Last Login: Today @ 5:15 AM
Points: 6,861, Visits: 8,046

Apparently you didn't want to do a one by one approach, just generate your stuff !

Select 'ALTER LOGIN ['+ name + '] DISABLE ; '

from sys.server_principals
/* exclude disabled accounts, sysadmins and ##-accounts */
where is_disabled = 0
and IS_SRVROLEMEMBER('sysadmin', name) = 0
and name not like '##%'

order by name ;

/* only re-enable the ones you disabled !! */
Select 'ALTER LOGIN ['+ name + '] ENABLE ; '

from sys.server_principals
/* exclude disabled accounts, sysadmins and ##-accounts */
where is_disabled = 0
and IS_SRVROLEMEMBER('sysadmin', name) = 0
and name not like '##%'

order by name ;

Run the full script up front to generate ALL you need !!

Johan

     Jul 13

Don't drive faster than your guardian angel can fly ...
but keeping both feet on the ground won't get you anywhere w00t

Need a bit of Powershell? How about this

Who am I ? Sometimes this is me but most of the time this is me Hehe

Post #1348197

behrang1360

Posted Wednesday, August 22, 2012 6:33 AM

Forum Newbie

Group: General Forum Members
Last Login: Tuesday, November 20, 2012 5:22 AM
Points: 4, Visits: 15

when you want to develop your data base and don't want to let other users to access to you db server
you can change Sql sever db from multi user to single user so that you can access the database as Admin(sa user)

Post #1348345

Jimbo Jones

Posted Thursday, August 23, 2012 5:33 PM

Forum Newbie

Group: General Forum Members
Last Login: Sunday, November 11, 2012 11:32 PM
Points: 4, Visits: 77

You could also tell the firewall to block port 1433.

Post #1349395

« Prev Topic | Next Topic »

Permissions