Hi,
I am trying to make my SQL Server 2005 a little more secure by using a non-standard static port. I have already disabled the sa account, but I'm still getting hit at least once a second with an attempt to login to my server from a potential attacker so I thought using a static, non-standard port would do the trick.
I stopped the SQL Browser service, left the port number unspecified for the IP1 and IP2 entries in the SQL Server Configuration Tool and set a non-standard port for IPAll. I thought that was all I needed to do.
I'm using a .NET website to test the connection. I left my connection string in the web.config alone, so I was expecting I would get a login failure when the website attempted to connect to the database. Without a port number specified in the
connection string, it should attempt to connect using the default port and fail, right? But, I'm still able to gain access to the website.
I made sure to restart the SQL Service after making changes. Also, I have verified that the SQL Browser service is not running. Is there any additional information I need to provide?
Thanks in advance for your time.
David