This step-by-step article describes how to configure a .NET-connected
application and a computer running Microsoft SQL Server to use an alternate port for network communications.
Many recent security breaches have used applications and databases
that were configured to use their default port numbers. For example, a worm that searches
for vulnerable database servers on the Internet might examine only TCP Port
1433. By default, SQL Server uses this port number.
One way to protect your
application from automated attacks (such as viruses and worms) is to change the
default port numbers that your application and database servers use for
communications. Many .NET-connected applications use a SQL Server
database. Therefore, you must reconfigure such applications to communicate with a database where the default port number has been changed. This article describes how to change
both the port number that a computer running SQL Server uses and the port number that a .NET-connected application uses to
communicate with the computer running SQL Server.
Change the SQL Server Port Number
The following section describes the steps to change the
default port that a computer running SQL Server monitors for inbound TCP/IP
- Click Start, point to
Programs, and then point to Microsoft SQL
Server. Click Server Network Utility.
- In the Enabled Protocols list, click
TCP/IP, and then click Properties.
- Change the Default Port to the
port number that you want. By default, the port number is set to 1433.
- Click OK to return to the Server
Network Utility, and then click OK.
- Restart SQL Server to force your changes to take
Change the .NET Configuration
To change the
port that your .NET-connected applications use to connect to Microsoft SQL Server, follow these steps:
- Open your application's .config file in a text editor (such as Notepad). Typically, the
.config file is located in the application’s folder and is named Application Name.config. For ASP.NET applications, this file may be named either
Web.config or Application Name.config.
- Most .NET-connected applications that require a database
permit the system administrator to change the data source. The data source
defines the name and the port number of the database server. However, the way that each
application permits the system administrator to configure the data source varies. Search
in the .config file (or files) for the element that defines the data source.
Typically, the data source definition includes the phrase, data source, datasource, or dsn. For example, the following sample from an <appSettings>
element is typical of how an application defines the data source for database
<add key="appDSN" value="data source=SERVER-NAME;initial catalog=ratings;integrated security=SSPI;persist security info=False;packet size=4096" />
- Change the data source to use your custom port number by
adding a comma and a port number after the database server’s name or IP address.
Use the format, “SERVER-NAME,port”. For example, to configure the application to use a computer running SQL Server
that is named SQLDB, and has a port number of 5656, change the value to data source=SQLDB,5656.
- Save the .config file. ASP.NET applications restart
automatically after you change the data source. You must manually restart all other types of .NET-connected
applications for the change to take effect.
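The edit described in the steps above can be scripted when many .config files need the same change. The following Python sketch is an added example, not code from the original article or from Microsoft. The function names `with_port` and `update_config` are hypothetical, and the sample document is constructed from the article's `appDSN` entry. It goes slightly beyond the article by also replacing a port that is already present and by checking `connectionString` attributes as well as `value` attributes.

```python
import re
import xml.etree.ElementTree as ET

# SqlClient connection-string keywords that name the server.
SERVER_KEYS = {"data source", "server", "address", "addr", "network address"}

# Constructed sample: the article's <appSettings> entry plus one unrelated key.
SAMPLE = """<configuration>
  <appSettings>
    <add key="appDSN" value="data source=SERVER-NAME;initial catalog=ratings;integrated security=SSPI;persist security info=False;packet size=4096" />
    <add key="pageTitle" value="Ratings" />
  </appSettings>
</configuration>"""

def with_port(conn_str, port):
    """Rewrite the server entry as 'SERVER-NAME,port'; None if there is none."""
    if not 1 <= port <= 65535:
        raise ValueError("port out of range: %r" % port)
    parts, found = [], False
    # Simplification: assumes no quoted value contains ';' followed by a server keyword.
    for part in conn_str.split(";"):
        key, sep, val = part.partition("=")
        if sep and key.strip().lower() in SERVER_KEYS:
            # Drop any port already present so the edit can be re-run safely.
            host = re.sub(r"\s*,\s*\d+\s*$", "", val.strip())
            part = "%s=%s,%d" % (key, host, port)
            found = True
        parts.append(part)
    return ";".join(parts) if found else None

def update_config(xml_text, port):
    """Return (new_xml, changed_keys) for a .config document."""
    root = ET.fromstring(xml_text)  # note: XML comments are dropped on re-serialization
    changed = []
    for elem in root.iter():
        for attr in ("value", "connectionString"):
            old = elem.get(attr, "")
            new = with_port(old, port)
            if new is not None and new != old:
                elem.set(attr, new)
                changed.append(elem.get("key") or elem.get("name") or elem.tag)
    return ET.tostring(root, encoding="unicode"), changed

if __name__ == "__main__":
    new_xml, changed_keys = update_config(SAMPLE, 5656)
    print("changed:", changed_keys)
    print(new_xml)
```

Review the list of changed keys before writing the result back over the original file, because any setting whose value contains a server keyword is rewritten.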
For additional information, click the following article
numbers to view the articles in the Microsoft Knowledge Base:
HOW TO: Secure an ASP.NET Application by Using Windows Security
HOW TO: Secure an ASP.NET Application Using Client-Side Certificates
HOW TO: Secure Applications That Are Built on the .NET Framework
Article ID: 815146 - Last Review: April 30, 2003 - Revision: 2.5
- Microsoft .NET Framework 1.0
- Microsoft .NET Framework 1.1