Hi,
I am new to this forum
and I have a new firewall: Kaspersky Internet security 7.0.1.325
It reports every hour an attack the only diff is that the ip address changes
Intrusion.Win.MSSQL.worm.Helkern 202.99.11.99 UDP 1434
So by googleling "UDP port 1434" I found your forum and registered.
From what I have been able to understand this port is normally used for SQL server. And Some hackers try to penatrate the vulnarabilities of SQL-Server.
What I want to know is by using my firewall to block UDP port 1434 in and out is this a good or bad idea?
By the way I did not install Microsoft SQL Server 2005 yet. I plan to.
By blocking the port I at least have stopped the alerts from my firewall.
But do know how important that port is.
Can someone explain.
thanks in advance
bye, Guy
Hello Guy!
Your firewall should be blocking all the ports by default and it sounds like you are having to block each one individually as you find them.
When you install your database software, be it Microsoft SQL server and any other, you’ll have the option to choose a unique port rather than the standard port. Select that option for added security.
There are a ton of port scanners out there and most won’t dive into trying to figure out what is running on the port, but rather just try to determine if it’s open or closed.
When someone runs a basic port scan against your computer, they are looking for ports commonly associated with applications – when you change the ports, they’ll miss the port or assume you are not running that application.
There are a ton of compromised computers on the net being used as hacking tools to scan other computers, so you can expect to see a lot of scans for all kinds of ports!
Best regards,
Jim.