When you are scanning an MS-SQL database by a scan engine which is not located in the same domain. The databases are not enumerated or vulnerability results are not avalaliable.
The databases area under the scan results are blank.
The MS-SQL Brower service is not avaliable to the scan engine. As such it can not find MS-SQL servers running on non- standard ports (ie. 1433).
There are two options that you can use:
Note: You will need to create a new scanning template, or copy then modify an existing template.
Option 1:
If you know what ports your MS-SQL Server is running on. You can modify the scan template to include this ports as part of the discovery phase of the scan.
Option 2:
If you don't know what ports the MS-SQL database is running on.
Best Practise:
It would be advisable to create an asset group with just your MS-SQL servers in them, so you only run an all ports discovery scan on those servers. As this will increase the time it takes to scan.
Applies To
A linux scan engine or windows scan engine which is not part of the same domain as the MS-SQL Server.