Information
If installed, a default SQL Server instance will be assigned a default port of TCP:1433 for TCP/IP communication. Administrators can also manually configure named instances to use TCP:1433 for communication. TCP:1433 is a widely known SQL Server port and this port assignment should be changed. In a multi-instance scenario, each instance must be assigned its own dedicated TCP/IP port.
Using a non-default port helps protect the database from attacks directed to the default port.
Solution
- In SQL Server Configuration Manager in the console pane, expand SQL Server Network Configuration expand Protocols for
<InstanceName>
, and then double-click the TCP/IP protocol
- In the TCP/IP Properties dialog box, on the IP Addresses tab, several IP addresses appear in the format IP1 IP2 up to IPAll One of these is for the IP address of the loopback adapter, 127.0.0.1 Additional IP addresses appear for each IP Address on the computer.
- Under IPAll change the TCP Port field from 1433 to a non-standard port or leave the TCP Port field empty and set the TCP Dynamic Ports value to 0 to enable dynamic port assignment and then click OK
- In the console pane, click SQL Server Services
- In the details pane, right-click SQL Server (
<InstanceName>
) and then click Restart to stop and restart SQL Server.
Impact:
Changing the default port will force the DAC (Dedicated Administrator Connection) to listen on a random port. Also, it might make benign applications, such as application firewalls, require special configuration. In general, you should set a static port for consistent usage by applications, including firewalls, instead of using dynamic ports which will be chosen randomly at each SQL Server start up.