Search
  • Adam Thurgar
    • Mar 8, 2018
    • 1 min read

Changing endpoint ports and owners


Most people know that SQL Server is installed on TCP port 1433 by default. This usually gets changed as it is a well known security attack vector.

But what happens if you are using database mirroring or availability groups. The default TCP port is 5022 and this is also a security attack vector, but not many people change this port.

You can change this port when you create the database mirroring or the availability group.

Also it is not a difficult change using the ALTER ENDPOINT command, (stop, change port and then start).

So consider using a different port for these features.

In other posts we have raised the problems caused by ownership (database and jobs). This also holds true for endpoints. Once again, endpoints are owned by the user that created them and I like to make sure that they are owned by sa.

You can check the ownership by querying sys.database_mirroring_endpoints and you can change the ownership using ALTER AUTHORIZATION ON ENDPOINT.


5 views

Recent Posts

See All

Cardinality estimator

Recently I was asked by a software vendor to review a particular query that ran in under a second on a SQL Server 2014 installation at a compatibility level of 110 (SQL Server 2012), but when run unde

4Write a comment

Index fragmentation

A law firm client, occasionally has issues with their legal software, that is provided by the global leader in this field. The response from the software provider is always the same - you have index f

2Write a comment

Deleting large amounts of data

I had a client call me about wanting to delete a large amount of data from their database. They knew what tables they wanted to delete from. They also knew that deleting large amounts of data causes t

3Write a comment