Security Basics mailing list archives

RE: SQL & MSDE and Ports 1433 and 1434

From: "Eric Zatko" <EZatko () co lucas oh us>
Date: Thu, 13 Feb 2003 10:01:01 -0500

Good day all...

Great point H C. I suspected the same thing and have tried that...  After doing a "netstat -a -n" on the server, I find 
that it shows the SQLserver listens on port 1433 (TCP, not UDP). It doesn't show anything listening for UDP on 1433 or 
1434.

I am confused.

Thanks,
Eric

H C <keydet89 () yahoo com> Thursday, February 13, 2003 8:39:02 AM >>>

Since it seems that both MS SQL Server and MSDE are
vulnerable to the Slammer exploit (if unpatched), one
would think that the most obvious first approach would
be to see if anything is actually listening on UDP
1434.  Given the issues that can arise w/ a remote
nmap scan of a system, perhaps the most obvious
approach would be to run netstat and/or fport on the
system in question.  This should tell you pretty
definitively whether or not something is even
listening on the port in question.

__________________________________________________
Do you Yahoo!?
Yahoo! Shopping - Send Flowers for Valentine's Day
http://shopping.yahoo.com

Current thread:

SQL & MSDE and Ports 1433 and 1434 Eric Zatko (Feb 12)
- Re: SQL & MSDE and Ports 1433 and 1434 Michael McCallum (Feb 12)
- RE: SQL & MSDE and Ports 1433 and 1434 John Tolmachoff (Feb 13)
- <Possible follow-ups>
- RE: SQL & MSDE and Ports 1433 and 1434 Sutton, Reed (Feb 12)
- RE: SQL & MSDE and Ports 1433 and 1434 Visser, Ernest (Feb 13)
- RE: SQL & MSDE and Ports 1433 and 1434 H C (Feb 13)
- RE: SQL & MSDE and Ports 1433 and 1434 Eric Zatko (Feb 13)
- RE: SQL & MSDE and Ports 1433 and 1434 Hugh Mc Gauran (Feb 13)
- RE: SQL & MSDE and Ports 1433 and 1434 Stefan Lister (Feb 14)