Learn more about SQL Server tools

mssqltips logo
 

Tutorials          DBA          Dev          BI          Career          Categories          Webcasts          Scripts          Today's Tip          Join

Tutorials      DBA      Dev      BI      Categories      Webcasts

DBA    Dev    BI    Categories

 

Hiding instances of SQL Server 2005


By:   |   Updated: 2007-03-07   |   Comments (3)   |   Related: More > Security

Problem

One of the nice things about SQL Server 2005 is that it is pretty easy to find what machines have SQL Server installed. If you open up SQL Server Management Studio and browse for servers or browse for instances of SQL Server with some other utility it is pretty easy to find all of the installed instances on your network. Is there any way to not have the name of your SQL Servers broadcasted so other people can't find the server without knowing the name of the server and/or instance name?

Solution

In SQL Server 2005 there is an option to allow you to hide an instance of SQL Server, so the name of the instance is not exposed to other machines on your network. By default this option is off, but this can easily be changed using the SQL Server Configuration Manager.

Here are two screen shots using SQL Server Management Studio on the same machine as where the instance of SQL Server is installed. As you can see when looking at the Local Servers as well as the Network Servers all three instances of SQL Server are exposed.

To change this, so we don't expose the name of the SQLEXPRESS instance we need to make a change in SQL Server Configuration Manager. To do this launch SQL Server Configuration Manager and do the following: select the instance of SQL Server, right click and select Properties.

After selecting properties you will get a window similar to the below image. In order to hide the name of the instance just set Hide Instance to "Yes" and click OK or Apply.

After the change is made, you need to restart the instance of SQL Server to not expose the name of the instance. Here are two new screen shots after this has been changed. As you can see the name of the instance is still exposed in the Local Servers list, but not in the Network Servers list. This would be the same if anyone tried to browse from another client machine, they would only see the two instances that are still exposed.

Next Steps
  • As you can see this is a pretty easy step to further secure the instances of SQL Server on your network.
  • By using both this technique and always using Named Instances of SQL Server you can make the process of finding the machines a bit harder for people to access.
  • Take a look at other security related tips on MSSQLTips.com


Last Updated: 2007-03-07


get scripts

next tip button



About the author
MSSQLTips author Greg Robidoux Greg Robidoux is the President of Edgewood Solutions and a co-founder of MSSQLTips.com.

View all my tips
Related Resources




Post a comment or let the author know this tip helped.

All comments are reviewed, so stay on subject or we may delete your comment. Note: your email address is not published. Required fields are marked with an asterisk (*).

*Name    *Email    Email me updates 


Signup for our newsletter
 I agree by submitting my data to receive communications, account updates and/or special offers about SQL Server from MSSQLTips and/or its Sponsors. I have read the privacy statement and understand I may unsubscribe at any time.



    



Wednesday, August 02, 2017 - 9:29:32 PM - Gabriel Herrera Back To Top

 Hi Greg, very useful tip, I would really appreciate if you could give me some advice in order to unhide an SQL instance that was deliberately hidden. 

Thanks in advance

-Gabriel

 


Wednesday, July 08, 2015 - 10:05:00 AM - Greg Robidoux Back To Top

Hi Clayton, I think not having the SQL Browser service running would also do this.  It also looks like if the Browser service is running this could still hide the instance.

-Greg


Wednesday, July 08, 2015 - 8:18:08 AM - Clayton Hoyt Back To Top

Hi Greg

Would turning off SQL Browser provide the same effect? I've always seen using this option as a "backup" in case SQL Browser was turned on.


Learn more about SQL Server tools