Ensure that Google Cloud VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 1433 in order to implement the Principle of Least Privilege (POLP) and reduce the attack surface for the virtual machine (VM) instances associated with these firewall rules. TCP port 1433 is used by Microsoft SQL Server, a secure and performant object-relational database system (RDBMS) developed by Microsoft.
Allowing unrestricted inbound/ingress access on TCP port 1433 (Microsoft SQL Server) via VPC network firewall rules can increase opportunities for malicious activities such as hacking, brute-force attacks, and SQL injection attacks.
To determine if your Google Cloud VPC firewall rules allow unrestricted access on TCP port 1433, perform the following operations:
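One way to run this check against exported rules, as an added example that is not part of the original page or its vendor's tooling. It assumes the rules were exported with `gcloud compute firewall-rules list --format=json`; the function names and the sample rules are constructed for illustration.

```python
import json

OPEN_RANGES = {"0.0.0.0/0"}   # the page's definition of unrestricted access
SQL_SERVER_PORT = 1433

def covers_port(ports, port=SQL_SERVER_PORT):
    """True if a rule's 'ports' list includes the port; a missing list means all ports."""
    if not ports:
        return True
    for spec in ports:                      # entries look like "1433" or "1000-2000"
        low, _, high = spec.partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False

def unrestricted_sql_server_rules(rules):
    """Names of enabled ingress allow rules that expose TCP 1433 to 0.0.0.0/0."""
    flagged = []
    for rule in rules:
        if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
            continue
        if not OPEN_RANGES & set(rule.get("sourceRanges", [])):
            continue
        for allow in rule.get("allowed", []):   # deny rules carry "denied" instead
            if allow.get("IPProtocol") in ("tcp", "6", "all") and covers_port(allow.get("ports")):
                flagged.append(rule["name"])
                break
    return flagged

# Constructed sample in the shape of the gcloud JSON export (hypothetical rule names).
SAMPLE = json.loads("""[
 {"name": "allow-mssql-any", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["1433"]}]},
 {"name": "allow-wide-range", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["1000-2000"]}]},
 {"name": "allow-mssql-office", "direction": "INGRESS", "sourceRanges": ["203.0.113.0/24"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["1433"]}]},
 {"name": "allow-web", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "allowed": [{"IPProtocol": "tcp", "ports": ["80", "443"]}]},
 {"name": "deny-mssql", "direction": "INGRESS", "sourceRanges": ["0.0.0.0/0"],
  "denied": [{"IPProtocol": "tcp", "ports": ["1433"]}]},
 {"name": "old-mssql-any", "direction": "INGRESS", "disabled": true,
  "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["1433"]}]}
]""")

if __name__ == "__main__":
    for name in unrestricted_sql_server_rules(SAMPLE):
        print("unrestricted SQL Server access:", name)
```

The port-range and protocol handling matters because a rule can expose 1433 without naming it, for example through a range such as `1000-2000` or an allow entry with no `ports` list.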
Remediation / Resolution
To update your VPC network firewall rules configuration in order to restrict Microsoft SQL Server access to trusted, authorized IP addresses or IP ranges only, perform the following operations:
You are auditing:
Check for Unrestricted SQL Server Access
Risk level: High