Hiding instances of SQL Server 2005

By:   |   Comments (3)   |   Related: > Security


Problem

One of the nice things about SQL Server 2005 is that it is pretty easy to find what machines have SQL Server installed. If you open up SQL Server Management Studio and browse for servers or browse for instances of SQL Server with some other utility it is pretty easy to find all of the installed instances on your network. Is there any way to not have the name of your SQL Servers broadcasted so other people can't find the server without knowing the name of the server and/or instance name?

Solution

In SQL Server 2005 there is an option to allow you to hide an instance of SQL Server, so the name of the instance is not exposed to other machines on your network. By default this option is off, but this can easily be changed using the SQL Server Configuration Manager.

Here are two screen shots using SQL Server Management Studio on the same machine as where the instance of SQL Server is installed. As you can see when looking at the Local Servers as well as the Network Servers all three instances of SQL Server are exposed.

browse1 offbrowse2 off

To change this, so we don't expose the name of the SQLEXPRESS instance we need to make a change in SQL Server Configuration Manager. To do this launch SQL Server Configuration Manager and do the following: select the instance of SQL Server, right click and select Properties.

config manager

After selecting properties you will get a window similar to the below image. In order to hide the name of the instance just set Hide Instance to "Yes" and click OK or Apply.

hide off

After the change is made, you need to restart the instance of SQL Server to not expose the name of the instance. Here are two new screen shots after this has been changed. As you can see the name of the instance is still exposed in the Local Servers list, but not in the Network Servers list. This would be the same if anyone tried to browse from another client machine, they would only see the two instances that are still exposed.

browse1browse2

Next Steps
  • As you can see this is a pretty easy step to further secure the instances of SQL Server on your network.
  • By using both this technique and always using Named Instances of SQL Server you can make the process of finding the machines a bit harder for people to access.
  • Take a look at other security related tips on MSSQLTips.com


sql server categories

sql server webinars

subscribe to mssqltips

sql server tutorials

sql server white papers

next tip



About the author
MSSQLTips author Greg Robidoux Greg Robidoux is the President and founder of Edgewood Solutions, a technology services company delivering services and solutions for Microsoft SQL Server. He is also one of the co-founders of MSSQLTips.com. Greg has been working with SQL Server since 1999, has authored numerous database-related articles, and delivered several presentations related to SQL Server. Before SQL Server, he worked on many data platforms such as DB2, Oracle, Sybase, and Informix.

This author pledges the content of this article is based on professional experience and not AI generated.

View all my tips


Comments For This Article




Wednesday, August 2, 2017 - 9:29:32 PM - Gabriel Herrera Back To Top (63815)

 Hi Greg, very useful tip, I would really appreciate if you could give me some advice in order to unhide an SQL instance that was deliberately hidden. 

Thanks in advance

-Gabriel

 

Wednesday, July 8, 2015 - 10:05:00 AM - Greg Robidoux Back To Top (38151)

Hi Clayton, I think not having the SQL Browser service running would also do this.  It also looks like if the Browser service is running this could still hide the instance.

-Greg

Wednesday, July 8, 2015 - 8:18:08 AM - Clayton Hoyt Back To Top (38149)

Hi Greg

Would turning off SQL Browser provide the same effect? I've always seen using this option as a "backup" in case SQL Browser was turned on.














get free sql tips
agree to terms