Paul & Juliet Wilder
NTL AGAINST SQLSERVER


To my horror on the 8th of June 04 NTL have shut down port 1433 accross their network on a permanent basis.

Microsoft SQL Users can no longer develop software via ODBC accross the Internet or use Enterprise manager. (they have also stopped other ports such as exchange)

This article refers to why NTL have done this: http://www.ntlworld.com/tunnel.php?task=portBlocking There main reason seems to be to stop viruses! Which now, I can't wait to see if they shut down port 80, 110, 25 and 21 since viruses run on those too.

They stopped access without advanced warning stopping my ability to work from home. I now have to find another provider if I cannot convince them to change their mind.

I have huge long term concerns about the use of global port blocking via comms companies and I hope the they don't decide to shut down all but 4 ports of the Internet. Whats next? MSN, Online gamming disabled...Who knows and NTL will do this without any warning.

I think Microsoft should put up a stand against their products been blocked by companies like NTL. They havent blocked competitor databases such as MySQl So I feel its a very anti Microsoft move.

Government guidelines state that we should be able to work from home if we want to, to help reduce congestion and enable more time to be spent with family, however this move ensures that Microsoft SQLServer developers can no longer work from home.

CONTACT ME : juliet@julietwilder.co.uk

SOLUTION UDPATE (By Steve, another person affected)

I'm happy to report that I can now access my SQL server databases through my brand new cable modem instead of my set top box.
Glen would be happy to resolve problems for others in the same predicament (provided there aren't too many!) Please contact me for his phone number, since he is only one guy and doesn't want loads of hassle!!

SOLUTION UDPATE (Dual Ports)

SQLserver can have more than one port allocated to it by adding ports using a comma in the Server Network Utility E.g. 1433,7689

I have tried this on my local machine and it works great. This resolves the ISP problem, since many ISP's cannot just remove port 1433 without causing lots of work and unhappy customers. This way an additional port number can be added to give users time to transfer the port over to the new one - or simply run in parallel to enable users with NTL or other port blocking suppliers to access through a port number that is allowed. (Only problem currently in implementing this it getting a time when no one is connecting to the SQLserver on port 1433, which is a bit tricky as an ISP. If the port is been used when another one is allocated, it doesnt seem to be able to rebind on that port - I think a reboot will ensure it's working, however this is sometime to be avoided if possible)

SUPPORTERS

Thanks so far to the following who have generously gave their knowledge and advice to help resolve this issue for those who are having difficulties:

Steve Pendray
Tobin Harris
Robert Taylor
Paul Armstrong
Charaka Dharma
Andrew Barker
Tara Duggan
Richard Waymire
Michael Schmidt
Paul Durdin
Webade
Denny Figuerres


WORK AROUNDS

NTL is my provider as well, and as far as their general service/attitude is concerned, they are extremely poor. One potential way of circumventing this is to use Open SSH software to tunnel ports, but this would require administration access to the SQL Server box. Typically tunnelling would be set up so that the client application (enterprise manager) would communicate through port 1433 but the tunnelling software would redirect through 433 out of the client PC. At the server end, port 433 would be redirected by the server part of the tunnelling software to the SQL Server on port 1433.

In some ways this is more secure, I am considering using this method so that the only open ports we have into our company network would be 80 and 443. Even the remote desktop protocol can be configured in this way and all communication is encrypted by the tunnelling software. By Paul Armstrong




My Letter of complaint to NTL

Download Complaint Letter to NTL (.doc 33k)

Dear NTL customer complaints department

I am writing as a formal complaint to express my deep concern and unhappiness at the latest changes you have made to your NTL home broadband network.

What you have changed

The article http://www.ntlworld.com/tunnel.php?task=portBlocking refers to the latest updates to your broadband system where you have blocked port 1433 across your network.

I am a Microsoft SQLserver developer. This change has disabled my ability to use the Internet as it was intended and has stopped my access to Microsoft SQLserver completely and without warning.

Below I have summarised my main concerns;

Key Concerns

1. A key issue I think needs addressing is that you have stopped a crucial part of the Internet without warning. One of the main reasons I had broadband installed was to enable me to access SQL server across the Internet. I will now have to suffer a long stretch of downtime, while I get BT reinstalled and another provider up and running (should you not reverse your decision)

2. I was not made aware when signing up to broadband that you were not supplying a full Internet service and that you used port blocking on any port numbers you deemed fit. I would NOT have signed up to your service had I known this in advance.

3. Censorship of the Internet via providers is a large and important step which I think you have taken without considering the full implications. Where does port blocking stop? I have been told you have done this to reduce viruses (which indeed it will) however viruses also run on port 80, 110, 25 and 21. However as I’m sure you are aware, there would be no Internet if you shut those ports down. However port 1433 (TCP), 1434 (UDP) are a required for anyone to access Microsoft SQLserver via the Internet and is as important to me (and many others like me) as port 21 and the other ports mentioned above.

4. There is a sensible level between security and reducing problems versus shutting down the Internet and making it pointless. There are more and more growing technologies on the Internet and blocking ports will stop these new developments from happening. As Technical Director of a B2B ISP, in the end the only way to entirely secure my whole system is to shut down the Internet connection. Now obviously I would then have no business! You have to draw the line somewhere and I feel NTL have just drawn the line over the SQL access and that’s too far over the line. You have stopped an important part of the way the Internet works.

5. New Government guidelines are trying to encourage businesses to have their employees work from home a day or so a week to reduce congestion on the roads and enable people to spend more time with their family. This move you have taken conflicts directly with this government initiative ensuring that I can no longer work from home in my evenings or even on the odd day. This is a significant step in the wrong direction and is working directly against the Government.

I am writing in the hope that along with Letters I have written to Microsoft UK, Computing magazine and the E-minister, I hope that this decision can be reversed. Obviously if it cannot, I will have to cancel my broadband and subscribe to another broadband supplier who does not block crucial ports, along with all the other users that are Microsoft SQLserver programmers.

I hope to hear from you shortly regarding my issues, I will also be writing to Ofcom as per their procedures if this is not resolved.

Kind Regards,



Juliet Wilder


In the Past | Recent | Paul | Juliet