CyberSecC@ptBlackb3ard
  • 🦜Welcome
  • Cyber Security
    • Offensive Security
      • Penetration Testing Methodology
      • Pre-Engagement Interaction
      • Reconnaissance (Information Gathering)
        • Open-Source Intelligence (OSINT)
      • Scanning and Enumeration
        • Domain Enumeration
        • Network Enumeration
          • Network Mapper (nmap)
          • Port/Protocol & Service Enumeration & Attack
            • File Transfer Protocol (FTP): 20, 21
              • Trivial File Transfer Protocol (TFTP): 69
              • FTP over SSL/TLS (FTPS): 989, 990
            • Secure Shell (SSH): 22
            • Telnet: 23
            • Simple Mail Transfer Protocol (SMTP): 25
              • SMTP Secure (SMTPS): 587
            • Domain Name System (DNS):53
            • Dynamic Host Configuration Protocol (DHCP): 67, 68
            • Hyper Text Transfer Protocol (HTTP): 80
              • HTTP over SSL/TLS (HTTPS): 443
            • Kerberos: 88
            • Post Office Protocol version 3 (POP3): 110
            • Network Time Protocol (NTP): 123
            • Remote Procedure Call (RPC): 135
            • NetBIOS: 137, 138, 139
            • Internet Message Access Protocol (IMAP): 143
            • IMAP over SSL/TLS: 933
            • Internet Relay Chat (IRC): 194
            • Light Weight Directory Access Protocol (LDAP): 389
              • LDAP over SSL/TLS (LDAPS): 636
            • Server Message Block (SMB): 445
              • Hostname
              • Shared Folders
            • Network File System (NFS): 2049
            • Microsoft SQL Server: 1433
            • MySQL Server: 3306
            • PostgreSQL Server: 5432
            • Remote Desktop Protocol (RDP): 3389
            • Border Gateway Protocol (BGP): 179
            • Remote Authentication Dial-In User Service (RADIUS): 1812, 1813
        • Web Enumeration
      • Security Assessment Report Writing
      • Tools
        • Cryptography & Encoding
          • Password Recovery
        • Network Tools
  • Networking
    • OSI and TCP/IP Model
      • Common Network Ports & Protocols
  • Cloud
    • Cloud Computing
  • General
    • Cyber Security Theory
      • Information Security
      • Cybersecurity Resilience
      • Cybersecurity Posture
    • Terms and Acronyms
    • Database Cheat Sheets
Powered by GitBook
On this page
  1. Cyber Security
  2. Offensive Security
  3. Scanning and Enumeration
  4. Network Enumeration
  5. Port/Protocol & Service Enumeration & Attack

Microsoft SQL Server: 1433

Security Weaknesses

  • SQL injection attacks.

  • Weak configuration allowing unauthorized access.

  • Vulnerabilities in older versions.

Security Defense and Mitigation Measures

  • Enforce strong authentication and input validation.

  • Use encrypted connections (TLS/SSL).

  • Apply regular patches and updates to the server.

Indicators of Compromise or Attack

  • High volumes of unusual SQL queries.

  • Unauthorized changes to database structures.

  • Failed login attempts in SQL Server logs.

PreviousNetwork File System (NFS): 2049NextMySQL Server: 3306

Last updated 5 months ago