Re: SQL Server over the Web, what are my options?

From: Matt Gibson (mattg_at_blueedgetech.ca)
Date: 02/01/05

• Next message: Massimo: "Re: SQL Server over the Web, what are my options?"
• Previous message: Chris Geier: "RE: Hidden connection string"
• In reply to: DarrenJ: "SQL Server over the Web, what are my options?"
• Next in thread: Massimo: "Re: SQL Server over the Web, what are my options?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 1 Feb 2005 11:52:36 -0800

Darren,

I'd personally go with the firewall, and ONLY allow port 1433 over that
connection. SSL encryption is perfectly fine.

The problem occurs when/if your webserver is hacked (or vise-versa). The
attackers then have a secure link back to your SQL server. If your SQL
server is in a DMZ, then this isn't so bad. If it's in your network, then
it's bad.

Matt Gibson - GSEC

"DarrenJ" <darrenj@classinfo.com(work)> wrote in message
news:38D37232-3CF0-430C-A02A-3008B087EAE3@microsoft.com...
>
> SQL Server DB is at location A
> IIS Server with the website is at location B
>
> The website at location B needs to be able to run sql queries against the
> DB
> at location A over the internet.
>
> The options I am considering are:
>
> 1) VPN between A and B. What are the pros and cons?
>
> 2) On the firewall at B, forwarding traffic from A to SQL server. Would
> use
> SSL encryption for the DB connection but still not sure this is secure
> enough.
>
> Do those sound like valid secure options?
> Are there other options I should be considering.
>
> Thanks
>
> --
> Darren Jensen

---

• Next message: Massimo: "Re: SQL Server over the Web, what are my options?"
• Previous message: Chris Geier: "RE: Hidden connection string"
• In reply to: DarrenJ: "SQL Server over the Web, what are my options?"
• Next in thread: Massimo: "Re: SQL Server over the Web, what are my options?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Connectivity Issues - Bizzare ... Sounds like firewall to me. ... >I am trying to connect to a default instance of SQL Server 2000 Enterprise ... I create a SqlDataAdapter on the web form, ... I take the same connection string from the web app, ... (microsoft.public.sqlserver.connect) Re: Connect to SQL Server over the internet ... connection dialog window that you will find on the main menu: ... which is the port used by SQL-Server in its basic configuration. ... I can remove the firewall. ... Computer A is where is installed SQL server 2000 and the BE. ... (microsoft.public.access.adp.sqlserver) Re: Named pipe error 53 ... Did you try disabling the firewall on the Windows XP machine to see if it is dedicted to the settings of the firewall? ... An error has occurred while establishing a connection to the server. ... under the default settings SQL Server does not allow remote connections. ... (provider: Named Pipes Provider, error: 40 - Could not open a connection to ... (microsoft.public.sqlserver.connect) Re: connecting to SQL Server 2000 from a VB.net app using ADO.net ... In terms of connectivity issues over the Internet, firewall ... TCP Ports Needed for Communication to SQL Server ... I can't create a remote connection in Enterprise Manager. ... (microsoft.public.sqlserver.connect) Re: Error "SQL Server does not allow remote connections" ... The application could not connect to the sql server db. ... network is blocking the connection. ... SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 ... integratedSecurity, SqlConnection owningObject) +737554 ... (microsoft.public.dotnet.framework.aspnet)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)