What range TCP/IP Port should be give to default or named instance of sql server for security purpose to sql server ?

Similar Messages

• What are policy firewall port should be permit between meetingplace web external and internal

  I deploy MeetingPlace Web Conferencing with SMA.
  1. What are policy firewall port should be permit between meetingplace web external and internal (web external on DMZ zone and web internal on internal zone)?
  2. Synchronized Globally Unique Identifiers (GUIDs) between internal and external Web Servers used firewall port?

  Hi,
  List of Firewall pots to be opened are mentioned in following document, you can refer your deployment type and open ports as mentioned.
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_Audio-Only_Deployments
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_WebEx-Scheduling_Deployments
  http://docwiki.cisco.com/wiki/Cisco_Unified_MeetingPlace_Release_8.5_--_System_Requirements_for_MeetingPlace-Scheduling_Deployments
  Regards
  Ronak patel

• I received a phishing email from what I thought was my bank.  Do I need to do anything to my MAC for security?

  I received a phishing email from what I thought was my bank.  Do I need to do anything to my MAC for security? I have no anti-virus software.

  Evelyn, there is nothing that can prevent you or anyone from falling victim to those attempts to defraud you – other than you.
  "Phishing" scams are the most common way of getting people to voluntarily supply information that should be kept as secure as any other personal possession. "Anti-virus" solutions can't possibly prevent that sort of fraud, and if anything can only lull you into falsely believing you're being protected from threats, be they real or perceived.
  Do you have any further advice so that I don't fear my Mac?
  There is no reason to fear your Mac; it's a tool to be used for your sole benefit. Like any tool though, it can be misused. If there is any explanation for fear, it's a lack of education. Knowledge conquers fear and renders it inert. Learn what real threats actually exist, how to defend yourself from them, and how to distinguish them from those propagated by fear mongering psychopaths that justify their existence by keeping others misinformed. There are an abundance of the latter.
  There will always be threats to your information security associated with using any Internet - connected communications tool:
  You can mitigate those threats by following commonsense practices
  Delegating that responsibility to software is an ineffective defense
  Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in neglecting point #1 above.
  OS X already includes everything it needs to protect itself from viruses and malware. Keep it that way with software updates from Apple.
  A much better question is "how should I protect my Mac":
  Never install any product that claims to "clean up", "speed up",  "optimize", "boost" or "accelerate" your Mac; to "wash" it, "tune" it, or to make it "shiny". Those claims are absurd.Such products are very aggressively marketed. They are all scams.
  Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources.
  Illegally obtained software is almost certain to contain malware.
  "Questionable sources" include but are not limited to spontaneously appearing web pages or popups, download hosting sites such as C net dot com, Softonic dot com, Soft pedia dot com, Download dot com, Mac Update dot com, or any other site whose revenue is primarily derived from junk product advertisements
  If you need to install software that isn't available from the Mac App Store, obtain it only from legitimate sources authorized by the software's developer.
  Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
  Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
  Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
  Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
  Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iCloud, iTunes, or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
  Don’t install browser extensions unless you understand their purpose. Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
  Don’t install Java unless you are certain that you need it:
  Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
  Java can be disabled in System Preferences.
  Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
  Beware spontaneous popups: Safari menu > Preferences > Security > check "Block popup windows".
  Popup windows are useful and required for some websites, but unsolicited popups are commonly used to deceive people into installing unwanted software they would never intentionally install.
  Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
  If you ever receive a popup window indicating that your Mac is infected with some ick or that you won some prize, it is 100% fraudulent. Ignore it. The more insistent it is that you upgrade or install something, the more likely it is to be a scam. Close the window or tab and forget it.
  Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
  The most serious threat to your data security is phishing. Most of these attempts are pathetic and are easily recognized, but that hasn't stopped prominent public figures from recently succumbing to this age-old scam.
  OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
  Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
  If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
  Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
  Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.
  Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

• SQL Server 2012 - 3 SQL clustered instances - one default/ two named instances - how assign/should assign static ports for named instances

  We have two physical servers hosting 3 SQL 2012 clustered instances, one default instance and two named instances.
  The default instance is using port 1433 and the two named instances are using dynamic port assignment.
  There is discussion about assigning static port numbers to the two named clustered SQL instances.
  What is considered best-practice?  For clustered named instances to have dynamic or static ports?
  Are there any pitfalls to assigning a static port to a named instance that is a cluster?
  Any help is greatly appreciated

  Hi RobinMCBC,
  In SQL server the default instance has a listener which listens on the fixed port which is TCP port 1433. And for the named instance the port on which the SQL server listens is random and is dynamically selected when the named instance of the SQL server
  starts.
  For Standalone instance of the SQL server we can change the dynamic port of the named instance to the static port by using SQL server configuration manager as other post, however, in case of the cluster, when we change the port no. of the named instance
  to the static port using the method described above, the port no. again changes back to the dynamic port after you restart the services. I recommend you changing the Dynamic port of the SQL Server to static port 
  on all the nodes , disabling and enabling the checkpointing to the quorum.
  For more information, you can review the following article about how to change the dynamic port of the SQL Server named instance to an static port in a SQL Server 2005 cluster.
  http://blogs.msdn.com/b/sqlserverfaq/archive/2008/06/02/how-to-change-the-dynamic-port-of-the-sql-server-named-instance-to-an-static-port-in-a-sql-server-2005-cluster.aspx
  Regards,
  Sofiya Li
  Sofiya Li
  TechNet Community Support

• Sql server 2012 express - tcp/ip connection to named instance using dynamic port not working

  I have a named instance on a SQL 2012 Express server that won't connect via TCP/IP when wanting to connect off of the dynamic port.  I can connect via shared memory locally on the server.   I can connect to the namespace when specifying the
  dynamic port listed in the configuration manager.  
  This is the only named instance on the server and it is not the default.
  TCP/IP is enabled
  Allow Remote connections is enabled
  the server browser service is running
  I can connect via the dynamic port number
  I am testing the connection locally on the server, so I don't believe a firewall is the issue.  I get the same results if I test it from a remote computer.
  When using the sqlcmd (sqlcmd -S tcp:SQLSRVR\NAMEINST -E) I get the message that "the requested protocol isn't supported [xfffffffff]".   The command (sqlcmd -S tcp:SQLSRVR\NAMEINST,59992 -E) works.
  Through SSMS, I get the message "the connection was actively refused".
  On other boxes, I can connect with the named instance without having to specify the port. 
  I have looked through the sql logs and nothing much shows up.  The log does show that is listening on the port # for ipv4 and ipv6.   There is also a line in there talking about the SPN not being registered and not to worry about it if
  you are not using Kerberos.  I logged in through shared memory and it said I was using NTLM.
  Any help would be appreciated.
  thanks.

  Hi clw,
  I’m writing to follow up with you on this post. According to your description, I do a test, if you configure the database engine to listen on a specific TCP port (59992), and
  the port is opened in the firewall. If you want to connect to the SQL Server instance, you 'd better to
  use the port number.
  In my opinion, by default, the default instance of the Database Engine uses port 1433, usually, if you have configured the server to listen on a non-default port number, when an instance of SQL Server uses dynamic port allocation, the connection string that
  is built at the SQL Server client does not specify the destination TCP/IP port unless the user or the programmer explicitly specifies the port. Therefore, the SQL Server client library queries the server on UDP port 1434 to collect the information about the
  destination instance of SQL Server.
  If UDP port 1434 is disabled, the SQL Server client cannot dynamically determine the port of the named instance of SQL Server. Therefore, the SQL Server client may be unable to connect to the named instance of SQL Server. In this situation, the SQL Server
  client must specify the dynamically allocated port where the named instance of SQL Server is listening.
  For more information about configuring an instance of SQL Server to listen on a specific TCP port or dynamic port, you can review the following article.
  https://support.transfrm.com/entries/503111-How-to-configure-an-instance-of-SQL-Server-to-listen-on-a-specific-TCP-port-or-dynamic-port
  Thanks,
  Sofiya Li
  Sofiya Li
  TechNet Community Support

• ACE: Can I loadbalance based on client Source IP/and client tcp source port?

  We recently migrated serving a client from being thick client at the desktop to being served via a citrix farm.  Prior to the migration the clients came from about 5000 unique source IP's to their VIP, now they come from only 31 unique source IP's from the citrix servers in the farm. A citrix server can host 400 client sessions, since the default action of the ACE is to loadbalance based on source IP's, the ACE is sending up to 400 sessions from one citrix server to 1 real server in the farm.  Is there anyway I can loadbalance based on client source IP and tcp source port so the ACE views the 400 sessions from one citrix server as unique sessions?  The application does not require persistence.

  Hello,
  Yes, you can configure a "Sticky Layer 4 Payload" as descirbed on this Link:
  http://www.cisco.com/en/US/docs/interfaces_modules/services_modules/ace/vA2_3_0/command/reference/sticky.html#wp1039276
  Unfrotunately I do not have any working example. You must calculate the right values for the Offset and the Length to configure.
  Regards Jean-Marc

• One of the e-mails in my ipad deletes messages automatically after reading without backup.  what do I do to correct this so that my mails would remain in the inbox after reading for reference purpose

  One of the e-mails in my ipad deletes messages automatically after reading without backup.  What do I do to correct this so that my mails would remain in the inbox for reference purpose?

  As you are on a residential service you have to wait for engineer availability priority is given to Business users as they get a different service level agreement also using a residential line for business use can leave you open for suspension or cancellation of service as it breach's the terms and conditions
  If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

• Urgent: What ports should be required in DMZ zone?

  Hi,
  I am thinking the ports question might need to posted here. Please have a look on my posting in the following link:
  Urgent: What ports should be required in DMZ zone?
  Thanks and Regards,

  Thanks, Ravi.
  The environment I am working now won't allow me to guess and test. We are on the project and to submit a change request would take very long. So I need submit all neccessary ports correctly at one time.
  Could anybody give me any suggestion? I read the TCP/IP ports for SAP documentation. But I don't think it can answer my questions above.

• I bought my iphone 5s a week before and now its volume "up" button is not working when pressed.Does anybody know what to do to make it work?I have a one year warranty.Should i give it to apple retail shop or is there any way to solve this problem?

  I bought my iphone 5s a week before and now its volume "up" button is not working when pressed.Does anybody know what to do to make it work?I have a one year warranty.Should i give it to apple retail shop or is there any way to solve this problem?

  IF it is a manufacturing defect and you bought the device from Apple or an authorized Apple retailer, then take it into Apple.

• Should I block TCP/UDP ports 135 to 139 on my router?

  For the sake of Internet and Desktop security should I block TCP/UDP ports 135 to 139 both ways at all times on my router?  This seems to be recommended for Windows environments. Does Mavericks need these ports for its proper operation?  When tested, ports 135, 137,18 show as closed whereas all other ports are Stealth.  Ideally, they should all be Stealth.

  Have a read here: http://securityspread.com/2013/07/26/firewall/
  Stealth is just as good as closed, some would argue that stealth is just as much of a giveaway of the port being present as it being closed.
  The specific ports you mention pose no risk to OS X as far as I am aware.

• What is the recommended static port range for SQL Server 2008 to SQL Server 2014 named instance?

  I want to assign a static port to SQL Server 2008 to SQL Server 2014 named instance.   Should the port be greater than 49151?  The following links give contradicting information:
  https://msdn.microsoft.com/en-us/library/ms177440(v=sql.105).aspx
  Avoid numbers greater than 49151 which Windows might select for other purposes.
  https://technet.microsoft.com/en-us/library/ms345327(v=sql.100).aspx
  Port numbers should be assigned from numbers 49152 through 65535
  Thanks..

  I would still pick a port number below the ephemeral list (dynamic port usage [41952-65535]) as it'll reduce the chances of having a port collision when SQL Server starts up.
  Also, I'd stick to lower numbers if possible (<25,000) as some firewalls skew higher port numbers to be more malicious (if heuristics are used).
  -Sean
  The views, opinions, and posts do not reflect those of my company and are solely my own. No warranty, service, or results are expressed or implied.

• What port should iCloud mail be on on my mac

  what server port should iCloud mail be on on my mac and what should the incoming mail server address be?

  All depends on your TV and what inputs it has available. You will need Mini Display to either HDMI, DVI, or VGA. You will also need an audio cable for sound.

• What port should my email be set on?

  What port should my Mac mail be set on?  Mine says "995" but my email provider at Comcast states other settings such as  "587" or "465".

  I did --that is where they said "587" or "465" but they don't state whether they are incoming, outgoing or whatever.  Do I change the number on the Mac Mail port to one of those numbers?  Maybe I will just email Comcast & ask them.  Thanks

• What TCP/UDP ports need to be open for VPN Client version 4.8?

  What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work?
  Thanks,

  Normally, you need the following ports and protocol :
  UDP 500
  UDP 4500
  ESP
  In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port you want to use for IPSec connections (Its configurable).
  -Kanishka

• What provision should i give to user accessing applications via Smartview?

  What provision should i give to user accessing applications via Smartview in Shared Services.?
  Would Server access do? Or i need to give something else?
  Requirement is tht the user should be able to retrive and submit data via Smartview.

  You need to provision the user with server access - this will give the user the ability to connect to the Essbase server in Smart View only. The user will not see any applications listed.
  Then provision the user as write on each application you want them to see and submit data.
  Regards,
  Robb Salzmann