I checked my SQL Server 2008 R2 log in Log File Viewer and found that someone from China keeps trying to log in as ‘SA’ all the time, but fails of course.
Is there any way to prevent these hackers from attacking my server?
Thanks in advance.
Use firewalls – why on earth is that port (or any ports on an SQL server) open to the rest of the world?
Most businesses have multiple network tiers:
- start with a firewalled/load-balanced web tier which has a firewall between it and the application tier allowing just the specific IPs and ports of known web servers in the web tier to talk to specific application servers in the application tier.
- the application tier can only talk to specific IPs and ports in the web tier and can only talk to the DB server, again firewalled, by IP and port.
- the DB tier which again is firewalled and only allowed to talk to the application tier servers by IP and port.
Some (myself included) also have a secure tier behind the DB tier to handle any data that’s particularly sensitive or contractually has to be more secure.
This is a model used extensively and generally proves to be very safe. The idea of exposing your SQL management port outside literally made my spine shiver. Please stop this or you WILL be back looking for THIS.
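
As an added example (not part of the original answer): a Python check over SQL Server error-log lines that counts failed logins arriving from outside the application tier, which under the tiered model above should never be able to reach the DB port at all. The `10.20.0.0/28` app-tier range, the function names and the log lines are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Assumption: the application tier's addresses, the only hosts allowed to reach the DB port.
APP_TIER = [ipaddress.ip_network("10.20.0.0/28")]

# Matches the error-log failed-login message and captures the login name and client.
LOGIN_FAILED = re.compile(
    r"Login failed for user '(?P<user>[^']*)'\..*?\[CLIENT: (?P<client>[^\]]+)\]"
)

# Constructed sample lines in the SQL Server error-log layout (documentation IP ranges).
SAMPLE_LOG = """\
2013-05-14 03:12:45.67 Logon       Error: 18456, Severity: 14, State: 8.
2013-05-14 03:12:45.67 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2013-05-14 03:12:46.10 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2013-05-14 03:12:47.02 Logon       Login failed for user 'SA'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2013-05-14 03:13:01.55 Logon       Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 198.51.100.23]
2013-05-14 09:00:12.31 Logon       Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 10.20.0.5]
2013-05-14 09:05:00.00 Logon       Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: <local machine>]
"""

def failed_logins(log_text):
    """Yield (user, client) for every failed-login line in the log text."""
    for line in log_text.splitlines():
        m = LOGIN_FAILED.search(line)
        if m:
            yield m.group("user"), m.group("client").strip()

def outside_app_tier(log_text, allowed=APP_TIER):
    """Count failed logins per (client IP, login) from sources outside the allowed tier."""
    hits = Counter()
    for user, client in failed_logins(log_text):
        try:
            addr = ipaddress.ip_address(client)
        except ValueError:
            continue  # "<local machine>" and similar are not network sources
        if not any(addr in net for net in allowed):
            hits[(str(addr), user.lower())] += 1
    return hits

if __name__ == "__main__":
    for (client, user), n in outside_app_tier(SAMPLE_LOG).most_common():
        print(f"{client} -> '{user}': {n} failed logins from outside the app tier")
```

Any entry this reports means the firewall in front of the DB tier is letting through a source it should be dropping; a failed login from inside the app tier (such as `webapp` above) is a separate problem to chase in the application.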