Good morning all.
We are currently building a SQL box on Amazon (currently MSSQL, but moving to MySQL soon...) and I have set the firewall in Amazon to only allow connections from our main network IP address and 2 other security groups on Amazon (web servers and worker roles). Anyway, it seems that this firewall rule is not working as planned... Checking the SQL Server logs, I am getting a load of requests from other IP addresses trying to get in to the instance (trying to guess the SA password). This seems to be accounting for quite a lot of traffic and CPU usage...
So, what should I be doing to lock down my instance? I thought that only allowing machines in my own security group and my own network would lock down a lot of this on a network level... Am I missing something?
Presumably you are paying Amazon for the service and support - they should be your first port of call if the firewall is not blocking connections.
If I was running a remote database, then I'd restrict access via a VPN as well as a firewall.
Although it's just security by obscurity, if the problem is just the amount of noise, then running the server on a non-standard port may help.
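An added example, not part of the thread: a small Python check that reads SQL Server error-log text and counts failed logins whose client address falls outside the intended allow list, which is the evidence to hand to Amazon support or to compare against the security group rules. The allow-list ranges and the log lines are constructed placeholders, and `unexpected_sources` is a hypothetical helper name.

```python
import ipaddress
import re
from collections import Counter

# Assumed allow list (placeholders): the office address and the private
# range used by the web-server and worker-role instances.
ALLOWED = [ipaddress.ip_network(n) for n in ("198.51.100.10/32", "10.0.0.0/16")]

# SQL Server writes failed logins as:
#   Login failed for user '<name>'. Reason: ... [CLIENT: <address>]
FAILED = re.compile(r"Login failed for user '([^']*)'.*\[CLIENT: ([^\]]+)\]")

# Constructed sample log lines, not taken from a real server.
SAMPLE_LOG = """\
2013-05-01 10:15:32.45 Logon  Error: 18456, Severity: 14, State: 8.
2013-05-01 10:15:32.45 Logon  Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2013-05-01 10:15:33.10 Logon  Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: 203.0.113.7]
2013-05-01 10:15:40.02 Logon  Login failed for user 'admin'. Reason: Could not find a login matching the name provided. [CLIENT: 192.0.2.44]
2013-05-01 10:16:01.77 Logon  Login failed for user 'webapp'. Reason: Password did not match that for the login provided. [CLIENT: 10.0.1.20]
2013-05-01 10:16:05.00 Logon  Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: <local machine>]
"""


def unexpected_sources(log_text, allowed=ALLOWED):
    """Count failed logins per client IP that is outside the allow list."""
    hits = Counter()
    for line in log_text.splitlines():
        match = FAILED.search(line)
        if not match:
            continue
        try:
            client = ipaddress.ip_address(match.group(2).strip())
        except ValueError:
            continue  # "<local machine>": local connection, not network traffic
        if not any(client in net for net in allowed):
            hits[str(client)] += 1
    return hits


if __name__ == "__main__":
    for ip, count in unexpected_sources(SAMPLE_LOG).most_common():
        print(f"{ip}\t{count} failed logins from outside the allow list")
```

Any address this reports reached the SQL port despite the intended rules, so the rules actually attached to the instance differ from what was configured and are the first thing to review.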