How can I restrict access to my SQL Server so that it only allows certain machines to connect?

Neil Pike

February 4, 2000

1 Min Read
ITPro Today logo in a gray background | ITPro Today

A. SQL Server has no built-in tools/facilities to do this. It also does not have the facility to run a stored-procedure on connection that could be written/used to do this. Therefore you have the following choices :-

1. Put the SQL Server behind a firewall and use that to restrict access. This is the most secure and functional way to do what you want.

2. Write your own ODS Gateway and point the clients at that instead of the SQL Server - the ODS Gateway will then do the checking. However, there is nothing stopping clients figuring out the correct SQL client-config entries to point straight at the SQL Server, bypassing your gateway, so the security on this is limited. There are examples of ODS code in the SQL Programmers Toolkit - available for free download from the Microsoft website. 

3. Write a constantly running/scheduled stored-procedure that checks the relevant column in sysprocesses (net_address), and then issues a KILL command for any processes that should not be running. The net_address column is a layer-2 mac address, and so is much less useful than an IP address. This way allows people to connect and possibly make changes before they are spotted and killed.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like